U.S. Dept Of Defense: Access to admininstrative resources/account via path traversal

Description: A user can login as an administrator without the need of an ██████████ account, or an authenticated user can access and manipulate administrative resources without needing to login as an administrator. An ████████ ███████ account is required. References Impact Exfiltration of sensiti...

Suspected ‘Dr HeX’ Hacker Busted for 9 Years of Phishing

A Moroccan man suspected of being “Dr HeX” – the prolific threat actor behind a nine-year cyber-blitz on thousands of victims through phishing, website defacing, malware development, fraud and carding – has been arrested. Interpol announced the bust – which took place in Morocco in May – on...

eFiction 2.0.7 - Remote Admin Authentication Bypass

eFiction 2.0.7 - Remote Admin Authentication Bypass eFiction vulnerability I am releasing this to the public. Vendor was notified. Someone is also illegally defacing these websites under MY name, which is a shame because they ripped it from a private discussion on g00ns.net. This proof of concept...

eFiction < 2.0.7 - Remote Admin Authentication Bypass

eFiction vulnerability I am releasing this to the public. Vendor was notified. Someone is also illegally defacing these websites under MY name, which is a shame because they ripped it from a private discussion on g00ns.net. This proof of concept is not to be used to illegally hack websites. I do...