Threat Roundup for May 19 to May 26

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between May 19 and May 26. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

CVE-2020-23352

Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP loose comparison and a magic hash can be used to bypass authentication. zbuser/plugin/passwordvisit/include.php:passwordvisitinputpassword uses loose comparison to authenticate, which can be bypassed via magic hash values...

Authentication flaw

Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP loose comparison and a magic hash can be used to bypass authentication. zbuser/plugin/passwordvisit/include.php:passwordvisitinputpassword uses loose comparison to authenticate, which can be bypassed via magic hash values...

CVE-2020-23352

Z-BlogPHP 1.6.0 Valyria is affected by incorrect access control. PHP loose comparison and a magic hash can be used to bypass authentication. zbuser/plugin/passwordvisit/include.php:passwordvisitinputpassword uses loose comparison to authenticate, which can be bypassed via magic hash values...

CVE-2020-23352

CVE-2020-23352 affects Z-BlogPHP 1.6.0 Valyria. The vulnerability lies in zb_user/plugin/passwordvisit/include.php:passwordvisit_input_password(), which uses loose comparisons for authentication, allowing bypass via magic hash values and resulting in an authentication bypass (no information discl...

Threat Roundup for Jan. 18 to Jan. 25

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Jan. 18 and Jan. 25. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

Threat Roundup Sept 28 - Oct 5

Today, as we do every week, Talos is giving you a glimpse into the most prevalent threats we’ve observed this week — covering the dates between Sept. 28 and Oct. 5. As with previous roundups, this post isn’t meant to be an in-depth analysis. Instead, we will summarize the threats we’ve observed b...

Threat Round Up for Dec 01 - Dec 08

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between December 01 and December 08. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavior...

Threat Round-up for June 2 - June 9

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 02 and June 09. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavior characteristics,...