10 matches found
EUVD-2026-31122
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Beyaz Computer Software Design Industry and Trade Ltd. Co. CityPLus allows Reflected XSS. This issue affects CityPLus: before V24.29750.1.0...
Vuln2Secure-A-Secure-Software-Design-Testing-Framework
No d...
This Week in Spring - January 26th, 2026
Hi, Spring fans! Welcome to another installment of This Week in Spring! As I write this, I cannot believe we're nearly at the end of the month! Time sure flies. Spring AI 2.0.0-M2 is available now Spring Modulith 2.1 M1, 2.0.2, and 1.4.7 released In last week's installment of A Bootiful Podcast ,...
CVE-2025-23424
CVE-2025-23424 affects the Marquee Style RSS News Ticker plugin. Connected sources indicate a Cross-Site Request Forgery (CSRF) vulnerability that can lead to a Stored Cross-Site Scripting (XSS) condition in Marquee Style RSS News Ticker versions up to 3.2.0. The CVSS baseline is 7.1 (AV:N/AC:L/P...
Security Testing: Types, Tools, and Best Practices
Opening Note: Understanding the Core Concepts of Security Analysis Continual developments in technology have elevated the significance of security analysis, a critical phase in software design. You can think of it as a vital diagram within the process of coding, engineered to identify and resolve...
Wondershare Dr.Fone 12.0.7 - Privilege Escalation (InstallAssistService) Exploit
Exploit Title: Wondershare Dr.Fone 12.0.7 - Privilege Escalation InstallAssistService Exploit Author: Netanel Cohen & Tomer Peled Vendor Homepage: https://drfone.wondershare.net/ Software Link: https://download.wondershare.net/drfonefull4008.exe Version: up to 12.0.7 Tested on: Windows 10 CVE :...
Remote code execution
Wondershare LTD Dr. Fone as of 2021-12-06 version is affected by Remote code execution. Due to software design flaws an unauthenticated user can communicate over UDP with the "InstallAssistService.exe" servicethe service is running under SYSTEM privileges and manipulate it to execute malicious...
From Layers to Microunits
The evolution of “Code Cohesion” and “Separation of Concerns” The software industry has recognized the values of “Separation of Concerns” and “Code Cohesion” for more than two decades. Many articles, books and software-thinkers have contributed methodologies to implement these important values. I...
ILOVEYOU Virus
It's the twentieth anniversary of the ILOVEYOU virus, and here are three interesting articles about it and its effects on software design...
ArGo Software Design Add New User (admin) Vulnerability
Exploit for php platform in category web applications Exploit Title:ArGo Software Design Add New Useradmin Vulnerability Date: 20/7/2011 Author: Angel Injection home Page: http://www.club-h.co.cc Email: Angel-InjectionathotmailDotcom Vendor or Software Link:http://www.argosoft.com Version: All...