Piergiorgio Venuti

Cross-Site Request Forgery & Cross-Site Scripting in Contact Form Manager WordPress Plugin

Read More

Condividi


RSS

Piu’ articoli…

Categorie …

Tags

RSS CSIRT

RSS Dark Reading:

RSS Full Disclosure

  • [KIS-2021-02] docsify <= 4.11.6 DOM-based Cross-Site Scripting Vulnerability Febbraio 20, 2021
    Posted by research on Feb 19-------------------------------------------------------------- docsify
  • Backdoor.Win32.Bionet.10 / Anonymous Logon Febbraio 19, 2021
    Posted by malvuln on Feb 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/be559307f5cd055f123a637b1135c8d3.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Bionet.10 Vulnerability: Anonymous Logon Description: The backdoor listens on TCP port 12348 and allows anonymous logon credentials to be used to access an infected host. Type: PE32 MD5: be559307f5cd055f123a637b1135c8d3 Vuln ID:...
  • Backdoor.Win32.DarkKomet.apcc / Insecure Permissions Febbraio 19, 2021
    Posted by malvuln on Feb 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/8c82de32ab2b407451b9fc054c09f717.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.apcc Vulnerability: Insecure Permissions Description: DarkKomet.apcc creates an insecure directory under c:\ drive granting change (C) permissions to the authenticated user group and drops an EXE named...
  • Backdoor.Win32.DarkKomet.bhfh / Insecure Permissions Febbraio 19, 2021
    Posted by malvuln on Feb 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/2e507b75c0df0fcb2f9a85f4a0c1bc04.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.bhfh Vulnerability: Insecure Permissions Description: DarkKomet.bhfh creates a hidden insecure directory under c:\ drive granting change (C) permissions to the authenticated user group. The backdoor also drops an EXE named...
  • Multiple remote memory corruptions in Telegram's handling of animated stickers Febbraio 19, 2021
    Posted by polict of Shielder on Feb 19I have recently found and reported 13 memory corruptions to Telegram (https://telegram.org), you can find the just-published technical blog post at https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/ and advisories at https://www.shielder.it/advisories/ The vulnerable official clients for android, ios and macos have already been patched on september 30 and october 2, have a look […]
  • [CSA-2021-001] Cross-Site Request Forgery in Apache MyFaces Febbraio 19, 2021
    Posted by Certitude - Advisories on Feb 19~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~ Ceritude Securiy Advisory - CSA-2021-001 ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ PRODUCT […]
  • Backdoor.Win32.Agent.aak / Remote Buffer Overflow Febbraio 19, 2021
    Posted by malvuln on Feb 18Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a_C.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.aak Vulnerability: Remote Buffer Overflow Description: The HTTP backdoor server HBKDR v0.3 listens on TCP port 8080 and accepts HTTP POST requests, by sending a specially crafted HTTP HEAD request payload […]
  • Backdoor.Win32.Agent.aak / Cross Site Request Forgery (CSRF) - Code Execution Febbraio 19, 2021
    Posted by malvuln on Feb 18Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.aak Vulnerability: Cross Site Request Forgery (CSRF) - Code Execution Description: Backdoor HTTP server HBKDR v0.3 executes commands on the infected host using an HTML form with POST method. The HTML […]
  • Backdoor.Win32.Agent.aak / Weak Hardcoded Credentials Febbraio 19, 2021
    Posted by malvuln on Feb 18Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/64f2fd4dbd9039e5bc054f475eaa582a.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.aak Vulnerability: Weak Hardcoded Credentials Description: The HTTP backdoor server HBKDR v0.3 listens on TCP port 8080 and accepts HTTP POST requests in order to execute commands on the infected system. […]
  • Rigged Race Against Firejail for Local Root: Using pipes/ptys to win races Febbraio 19, 2021
    Posted by Roman Fiedler on Feb 18Hello List, 100% reliable exploitation of file system time races (TOCTOU vulnerabilities) may be hard as the timing depends on numerous target system parameters (CPU cores, load, memory pressure, file system type, ...). Instead of optimizing the exploit to win the real race, the timing of Firejail stderr and […]

Customers

Newsletter