Attacker builds malware variant with leaked Mirai source code

By Sudais Asif The source code of Mirai was leaked in September 2016, on the hacking community Hackforums. This is a post from HackRead.com Read the original post: Attacker builds malware variant with leaked Mirai source code...

Moodle Jmol Plugin File Disclosure

File disclosure vulnerability in Moodle Jmol Plugin Vulnerability Type: File Disclosure For the exploit source code contact DSquare Security sales team...

MonoCMS Blog 1.0 - Arbitrary File Deletion (Authenticated)

Exploit Title: MonoCMS Blog 1.0 - Arbitrary File Deletion Authenticated Date: 2020-09-20 Exploit Author: Shahrukh Iqbal Mirza @shahrukhiqbal24 Vendor Homepage: https://monocms.com/download Software Link: https://monocms.com/download Version: 1.0 Tested On: Windows 10 XAMPP CVE: N/A Proof of...

Cooolis-ms - A Server That Supports The Metasploit Framework RPC

Cooolis-ms is a server that supports Metasploit Framework RPC. It is used to work for Shellcode and PE loader, bypassing the static detection of anti-virus software to a certain extent, and allows the Cooolis-ms server to perform with the Metasploit server separate. Loader execution process: 1...

EulerOS 2.0 SP3 : golang (EulerOS-SA-2020-2078)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, becau...

Microsoft investigating Windows XP, Server 2003 source code leak

By Waqas Microsoft Windows XP may be old but still powers roughly 1% of all desktop and laptop computers worldwide. This is a post from HackRead.com Read the original post: Microsoft investigating Windows XP, Server 2003 source code leak...

Windows XP Source Code Got Leaked All Over the Internet

Plus: A cruel phishing test, ransomware hits Russia, and more of the week's top security news...

Microsoft Windows XP Source Code Reportedly Leaked Online

Microsoft's long-lived operating system Windows XP—that still powers over 1% of all laptops and desktop computers worldwide—has had its source code leaked online, allegedly, along with Windows Server 2003. Yes, you heard that right. The source code for Microsoft's 19-year-old operating system was...

Microsoft Windows XP Source Code Reportedly Leaked Online

Microsoft's long-lived operating system Windows XP—that still powers over 1% of all laptops and desktop computers worldwide—has had its source code leaked online, allegedly, along with Windows Server 2003. Yes, you heard that right. The source code for Microsoft's 19-year-old operating system was...

The vulnerability of Microsoft Business Productivity Servers, SharePoint Server, and SharePoint Enterprise Server lies in errors in the mechanism for checking the source code of application packages. This allows attackers to execute arbitrary code.

The vulnerability of the Microsoft SharePoint software package is related to errors in the mechanism for checking the source markup of the application’s code. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVE-2020-14021

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The ASP.net SMS module can be used to read and validate the source code of ASP files. By altering the path, it can be made to read any file on the Operating System, usually with NT AUTHORITY\SYSTEM privileges...

CVE-2020-14021

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The ASP.net SMS module can be used to read and validate the source code of ASP files. By altering the path, it can be made to read any file on the Operating System, usually with NT AUTHORITY\SYSTEM privileges...

Source code of Cerberus banking trojan released online for free

By Sudais Asif Initially, the source code of Cerberus banking trojan - active since July 2019 - was being auctioned by one of its developers. This is a post from HackRead.com Read the original post: Source code of Cerberus banking trojan released online for free...

ElkarBackup Path Traversal Vulnerability

ElkarBackup is a free open source backup solution based on RSync/RSnapshot. ElkarBackup 1.3.3 suffers from a sensitive source code path disclosure vulnerability. An attacker can exploit this vulnerability to view the path to the jobs/sort source code, which can be used to identify the code...

CVE-2020-24925

A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure...

CVE-2020-24925

A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure...

Path traversal

A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure...

CVE-2020-24925

A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure...

CVE-2020-24925

Summary: CVE-2020-24925 affects ElkarBackup v1.3.3 and exposes a sensitive source code path disclosure. What is affected: ElkarBackup, component path disclosure in the web UI, specifically the jobs/sort path, which reveals the full source code path: /app/elkarbackup/src/Binovo/ElkarBackupBundle/C...

FreeBSD-SA-20:27.ure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:27.ure Security Advisory The FreeBSD Project Topic: ure device driver susceptible to packet-in-packet attack Category: core Module: ure Announced: 2020-09-15...