CVE-2021-35246 Unprotected Transport of Credentials (HSTS) Vulnerability

The application fails to prevent users from connecting to it over unencrypted connections. An attacker able to modify a legitimate user's network traffic could bypass the application's use of SSL/TLS encryption and use the application as a platform for attacks against its users...

23% of Tor browser relays found to be stealing Bitcoin

By Sudais Asif The threat actor was able to see the user's transmitted data on the Tor browser and tamper with it for their own ill-motives. This is a post from HackRead.com Read the original post: 23% of Tor browser relays found to be stealing Bitcoin...

Google Document Embedder 2.5.16 SQL Injection

Exploit Title : Google Document Embedder 2.5.16 mysqlrealescpaestring bypass SQL Injection Data : 2014 – 12 -03 Exploit Author : Securely Yoo Hee man Plugin : google-document-embedder Fixed version : N/A Software Link : https://downloads.wordpress.org/plugin/google-document-embedder.2.5.16.zip 1...

Invision Power Board (IP.Board) 2.1.7 - ACTIVE Cross-Site Scripting SQL Injection

Invision Power Board IP.Board 2.1.7 - ACTIVE Cross-Site Scripting SQL Injection ---- INVISION POWER BOARD 2.1.7 EXPLOIT ... ITDefence.ru Antichat.ru INVISION POWER BOARD 2.1.7 ACTIVE XSS/SQL INJECTION Eugene Minaev [email protected] / \ \ \ / .\ / /// // / \ / \ // / / / /// /\ / / / / // /...

ultimate-bb.txt

I set up a script on some server somewhere that will mail me the contents of "whatever" in a url query as such - http://somehost.com/somescript.php/cgi/pl/asp?contents="whatever" when I have that script in place I post a message on the board that I wish to steal peoples passes from withfor Intern...