SCIM 2.0 Token Search Extension
Abstract The SCIM 2.0 Core API defines a simple profile for searching for specific resource types using filters and qualifiers in combination with the HTTP GET verb. The Token Search...
SQL/XSS/phpinfo() Fuerza Aera Paraguaya
Exploit Title: SQL/XSS/phpinfo() Fuerza Aera Paraguaya ## Exploit Author: YeiZeta ## Category: Web...
Wordpress Remote Exploit - W3 Total Cache
From the developers' description [1], W3 Total Cache is: The most complete WordPress performance framework. Recommended by web hosts like: MediaTemple, Host Gator, Page.ly and WP Engine and countless...
U.S., Russia forge 'action plan' on piracy
The two countries agree on a plan to curtail theft of intellectual property, after President Obama grants Russia "permanent normal trade relations" and the two nations agree to have the WTO's tenets...
Google to scan Chrome extensions, bans auto-install
Google-as-curator is upon us. Google has taken two steps to prevent its Chrome browser becoming an attack vector for malware that runs as extensions to the browser. Like many other browsers, Chrome allows...
NQ Mobile™ Contributes tips to the FCC's New Cross Platform Smartphone...
DALLAS, Dec. 24, 2012 /PRNewswire/ -- With the Federal Communications Commission (FCC) reporting that more than 40 percent of smartphone users have no antivirus software on their smartphones and less...
[TOOL RELEASE] SQL Fingerprint powered by ENG++ Technology [Version...
[Description] Microsoft SQL Server fingerprinting can be a time consuming process, because it involves trial and error methods to determine the exact version. Intentionally inserting an invalid input to...
City Directory Review and Rating Script (search.php) SQLi Vulnerability
# Exploit Title: City Directory Review and Rating Script SQL Injection Vulnerability # Date: 22.12.2012 # Author: 3spi0n # Script Vendor or Software...
Where OS X security stands after a volatile 2012 And where are we going with...
2012 was an "exciting" year for OS X security—at least if you're a security expert or researcher. There were plenty of events to keep people on their toes. Although Apple took some egg on the face for...
MyBB AwayList Plugin (index.php, id parameter) SQLi Vulnerability
# Exploit Title: AwayList MyBB plugin SQLi 0day # Exploit Author: Red_Hat [Team Vect0r] # Software Link: http://mods.mybb.com/view/awaylist # Tested on: Windows & Linux. Vulnerable code: <?php $query...
Wordpress Themes- shotzz Full Path Disclosure vulnerability
# Exploit Title: Wordpress Themes- shotzz Full Path Disclosure vulnerability # Author: The Black Devils # Category : [ webapps ] # Type : php # Tested on: [Windows] &...
Wordpress Themes- yvora Full Path Disclosure vulnerability
# Exploit Title: Wordpress Themes- yvora Full Path Disclosure vulnerability # Author: The Black Devils # Category : [ webapps ] # Type : php # Tested on: [Windows] &...
Wordpress Themes- vithy Full Path Disclosure vulnerability
# Exploit Title: Wordpress Themes- vithy Full Path Disclosure vulnerability # Author: The Black Devils # Category : [ webapps ] # Type : php # Tested on: [Windows] &...
Wordpress Themes- appius Full Path Disclosure vulnerability
# Exploit Title: Wordpress Themes- appius Full Path Disclosure vulnerability # Author: The Black Devils # Category : [ webapps ] # Type : php # Tested on: [Windows] &...
Revealed: NSA targeting domestic computer systems in secret test
Newly released files show a secret National Security Agency program is targeting the computerized systems that control utilities to discover security vulnerabilities, which can be used to defend the...
Automated Static Malware Analysis with Pythonect
About 5 months ago I released the first version of Pythonect - a new, experimental, general-purpose high-level dataflow programming language based on Python, written in Python. It aims to combine...
new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus
This report describes any new scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus since yesterday. == Metasploit modules (2) == r16227...
Critical Israeli Data Breach
It appears my words sometimes go unnoticed. As always this information is for education purposes. We show these compromised systems so that you understand the current threat environment that surrounds...
Today And Yesterday's NIST CVE Issuance's For Vulnerabilities In NetIQ...
Click on the underlined CVE for additional vuln specific info. CVE-2012-5932 Summary: Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User...
EMC Data Protection Advisor Information Disclosure Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2012-060: EMC Data Protection Advisor Information Disclosure Vulnerability. EMC Identifier: ESA-2012-060 CVE Identifier: CVE-2012-4616 Severity Rating: CVSS...