Lucene search
K

22 matches found

MSRC
MSRC
added 2026/02/09 12:0 a.m.8 views

How Asem Eleraky went from a shared family PC to finding critical vulnerabilities

In the world of vulnerability research, origin stories are rarely linear. For Asem Eleraky, the path to becoming a Microsoft MVR began not in a SOC lab or a university classroom, but with a single family PC and a short daily window to explore his growing interest in cybersecurity...

5.5AI score
Exploits0
Wordfence Blog
Wordfence Blog
added 2025/05/05 2:32 p.m.22 views

WordPress Security Research Series: Setting Up Your Research Lab

Welcome to Part 3 of the WordPress Security Research Beginner Series! If you haven’t yet, take a minute to check out the series introduction to get a sense of what this series is all about. You’ll also want to catch up on Part 1, where we dig into WordPress request architecture and hooks, and Par...

9.8CVSS7.3AI score0.92319EPSS
Exploits4
Github Security Blog
Github Security Blog
added 2023/10/10 9:21 p.m.35 views

OctoPrint vulnerable to Improper Neutralization of Special Elements Used in a Template Engine

Impact OctoPrint versions up until and including 1.9.2 contain a vulnerability that allows malicious admins to configure a specially crafted GCODE script through the Settings that will allow code execution during rendering of that script. An attacker might use this to extract data managed by...

6.5CVSS8AI score0.00568EPSS
Exploits1References6Affected Software1
Wordfence Blog
Wordfence Blog
added 2023/02/16 3:21 p.m.165 views

Wordfence Intelligence CE Weekly Vulnerability Report (Feb 6, 2023 to Feb 12, 2023)

In case you missed it, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence Community Edition. This database is continuously updated, maintained, and populated by Wordfences highly...

0.24263EPSS
Exploits17
ThreatPost
ThreatPost
added 2019/09/17 12:18 p.m.114 views

LastPass Fixes Bug That Leaks Credentials

LastPass has patched a bug that could potentially allow malicious websites to access a web user’s credentials from a previously visited site. Tavis Ormandy, a vulnerability researcher from Google Project Zero, discovered the flaw in the LastPass password manager and published it on the project’s...

1.2AI score
Exploits0References8
ICS
ICS
added 2018/02/01 12:0 a.m.28 views

Fuji Electric V-Server VPR

CVSS v3 8.6 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Fuji Electric Equipment: V-Server VPR Vulnerability: Stack-based Buffer Overflow AFFECTED PRODUCTS The following versions of V-Server VPR, a data collection and management service, are affected: V-Server VPR 4.0.1.0 a...

9.8CVSS9.9AI score0.03818EPSS
Exploits0References5
Openbugbounty
Openbugbounty
added 2017/10/01 5:51 a.m.12 views

eac.webstudy.com XSS vulnerability

Vulnerable URL: https://eac.webstudy.com/doc.php?id=13'"80 Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:| No Coordinated Disclosure Timeline: Description| Value...

6.3AI score
Exploits0
ICS
ICS
added 2017/02/23 12:0 a.m.71 views

Red Lion Controls Sixnet-Managed Industrial Switches, AutomationDirect STRIDE-Managed Ethernet Switches Vulnerability

CVSS v3 10 ATTENTION: Remotely exploitable. Low skill level is needed to exploit. Vendor: Red Lion Controls, AutomationDirect Equipment: Sixnet-Managed Industrial Switches and STRIDE-Managed Ethernet Switches Vulnerability: Use of Hard-coded Cryptographic Keys AFFECTED PRODUCTS The following Red...

10CVSS9.8AI score0.01563EPSS
Exploits0References3
ThreatPost
ThreatPost
added 2017/01/26 9:0 a.m.11 views

Four High-Severity Chrome Vulnerabilities Earn Researcher $32K in Rewards

For the second time in less than a year, researcher Mariusz Mlynski has earned more than $30,000 through Google’s Chrome Rewards program. Google on Wednesday released Chrome 56.0.02924.76 for Windows, Mac and Linux platforms, and Mlynski was credited with finding and disclosing four high-severity...

7.8AI score
Exploits0References5
Openbugbounty
Openbugbounty
added 2015/12/30 12:24 p.m.16 views

zooplus.se XSS vulnerability

Vulnerable URL: http://www.zooplus.se/feedback/form/shop"onmouseover="prompt'XSSPOSED' Details: Description| Value ---|--- Patched:| Yes, at 23.03.2016 Latest check for patch:| 23.03.2016 13:28 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 196084 Google...

6.3AI score
Exploits0
ThreatPost
ThreatPost
added 2015/01/23 11:2 a.m.45 views

PHP 5.6.5 Released With Several Security Fixes

Several new versions of PHP have been released, fixing a number of security vulnerabilities and other bugs in the popular scripting language. PHP 5.6.5 is the newest version of the language, and it has patches for a handful of vulnerabilities, including a use-after-free flaw that could lead to...

7.5CVSS0.8AI score0.1689EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2014/10/06 2:13 p.m.18 views

Bugzilla Vulnerability Exposes Bug Collections

Hundreds of open source software projects that make use of Bugzilla, Mozilla’s bug-tracking software, anxiously await a patch for a vulnerability that exposes private bugs collected by the system. Mozilla is today expected to make available a patch for the vulnerability in its account creation...

0.6AI score
Exploits0References2
MSRC
MSRC
added 2013/10/08 7:0 a.m.11 views

Congratulations to James Forshaw Recipient of Our First $100,000 Bounty for New Mitigation Bypass Techniques!

Congratulations to James Forshaw for coming up with a new exploitation technique to get our first ever $100,000 bounty. A security vulnerability researcher with Context Information Security, James already came in hot with design level bugs he found during the IE11 Preview Bug Bounty, and we’re...

6.9AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2013/06/14 12:0 a.m.22 views

Facebook Mobile Bug Bounty #7 - Redirect Vulnerability

Document Title: =============== Facebook Mobile Bug Bounty 7 - Redirect Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=975 Facebook Security ID: 159243257 Release Date: ============= 2013-06-14 Vulnerability Laboratory ID VL-ID:...

Exploits0
Vulnerability Lab
Vulnerability Lab
added 2012/07/15 12:0 a.m.19 views

Barracuda SSL VPN - Input Filter Bypass Vulnerability

Document Title: =============== Barracuda SSL VPN - Input Filter Bypass Vulnerability References: =========== Download: http://www.vulnerability-lab.com/resources/videos/563.wmv View: http://www.youtube.com/watch?v=ICR0iFJkDg0 Advisory: http://www.vulnerability-lab.com/getcontent.php?id=661 News:...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2012/07/15 12:0 a.m.16 views

Barracuda SSL VPN - Input Filter Bypass Vulnerability

Document Title: =============== Barracuda SSL VPN - Input Filter Bypass Vulnerability References: =========== Download: http://www.vulnerability-lab.com/resources/videos/563.wmv View: http://www.youtube.com/watch?v=ICR0iFJkDg0 Advisory: http://www.vulnerability-lab.com/getcontent.php?id=661 News:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2011/12/20 12:0 a.m.37 views

Joomla Matrimony SQL Injection

Exploit Title: Joomla Component commatrimony SQL Injection Vulnerability Author : CoBRa21 E-Mail : uykucu at windowslive.com Google Dork : inurl:index.php?option=commatrimony Status : High-Risk SQL Vulnerability http://127.0.0.1/PATH/index.php?option=commatrimony&action=view&id=2 SQL SQL Exploit...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2011/12/19 12:0 a.m.21 views

Joomla Tsonymf SQL Injection

Exploit Title: Joomla Component comtsonymf SQL Injection Vulnerability Author : CoBRa21 E-Mail : uykucu at windowslive.com Google Dork : inurl:comtsonymf Status : High-Risk Script Page : null SQL Vulnerability...

0.7AI score
Exploits0
exploitpack
exploitpack
added 2011/12/19 12:0 a.m.13 views

Joomla! Component com_dshop - SQL Injection

Joomla! Component comdshop - SQL Injection Exploit Title: Joomla Component comdshop SQL Injection Vulnerability Author : CoBRa21 E-Mail : uykucu at windowslive.com Google Dork : inurl:comdshop Status : High-Risk Script Page : null Reference : https://www.securityfocus.com/bid/47971/info SQL...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2011/12/19 12:0 a.m.41 views

Joomla! Component com_dshop - SQL Injection

Exploit Title: Joomla Component comdshop SQL Injection Vulnerability Author : CoBRa21 E-Mail : uykucu at windowslive.com Google Dork : inurl:comdshop Status : High-Risk Script Page : null Reference : https://www.securityfocus.com/bid/47971/info SQL Vulnerability...

7AI score
Exploits0
Rows per page
Query Builder