File Write Vulnerability in Cscms v4.1.8

Cscms is a diversified content management system developed using PHP5+MYSQL as the technical basis. A file write vulnerability exists in Cscms v4.1.8, which is due to the system failing to effectively filter input parameters and file paths. An attacker can use this vulnerability to inject Trojan...

Arbitrary File Creation Vulnerability in YidaCMS Web Management System JS1.8.0 Version

YidaCMS website management system is a simple, practical and efficient website builder. YidaCMS website management system JS1.8.0 version exists arbitrary file creation vulnerability, the attacker through the creation of parsable script file, edit and save the Trojan code will be injected into th...

Revamped Nukebot Malware Changes Targets, Adds Functions

A revamped version of the Nukebot banking trojan dubbed Jimmy Nukebot has shifted focus from stealing bankcard data and now acts as a conduit for quietly downloading malicious payloads for web-injects, cryptocurrency mining, and taking screenshots of targeted systems. The code is a modification o...

PT-2006-5448 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.6.16 through 2.6.17.11 Description: The issue concerns weak permissions in the source code tar archive of the Linux kernel, potentially allowing local users to insert malicious code that could be used during the next...

Multiple Mozilla / Firefox / Thinderbird vulnerabilities

Javascript code execution, heap memory corruption with styles, memory corruption with QueryInterface, code execution with XULDocument.persist, multiple integer overflows, information leak from nsExpatDriver::ParseBuffer. Silen trojan code installation is potentially possible...