HP-UX Running BIND, Remote Domain Name Revalidation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available...
Joomla Component com_movm SQL Injection Exploit (perl)
#Exploit Title: Joomla com_movm SQL Injection exploit #Dork: inurl:"index.php?option=com_movm" #Date: 24/12/2012 #Exploit Author: D35m0nd142 #Vendor Homepage: http://www.joomla.org #Tested on Ubuntu...
Wordpress Themes grou-random-image-widget Full Path Disclosure
Wordpress Themes - grou-random-image-widget Full Path Disclosure...
CA IdentityMinder Vulnerabilities
CA20121220-01: Security Notice for CA IdentityMinder. CA Technologies Support is alerting customers to two potential risks in CA IdentityMinder (formerly known as CA Identity Manager). Two...
Persistent XSS vulnerability in WP-UserOnline
In 2010 I've disclosed multiple vulnerabilities (Cross-Site Scripting and Full path disclosure) in WordPress plugin WP-UserOnline. And recently I've disclosed the exploit for persistent XSS vulnerability...
Netransfers 2.1 XSS / LFI / Traversal
Exploit Title: Netransfers V2.1 Multiple vulnerability # Date: 19.12.2012 # Exploit Author: d3b4g # Vendor Homepage: http://marioemoreno.com/netransfers-demo/ # Tested on: Windows 7 # Blog: d3b4g.me...
PHP-CGI Argument Injection Remote Code Execution
#!/usr/bin/python import requests import sys print """CVE-2012-1823 PHP-CGI Arguement Injection Remote Code Execution This exploit abuses an arguement injection in the PHP-CGI wrapper to execute code as the...
Metasploit: Microsoft SQL Server Database Link Crawling Command Execution...
## This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and...
Metasploit: IBM Lotus Notes Client URL Handler Command Injection
###Credit: Moritz Jodeit, Sean de Regge, juan vazquez # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit #...
Top 10 IT security stories of 2012
Enterprise IT security professionals faced increasingly sophisticated, stealthy and dynamic threats in 2012, but numerous surveys revealed that knowledge and understanding of the latest attack...
Open-Realty CMS 3.x Cross Site Request Forgery (CSRF) Vulnerability
1. OVERVIEW Open-Realty CMS 3.x versions are vulnerable to Cross Site Request Forgery. 2. BACKGROUND Open-Realty is the world's leading real estate listing marketing and management CMS application, and has...
Open-Realty CMS 3.x Persistent Cross Site Scripting (XSS) Vulnerability
1. OVERVIEW Open-Realty CMS 3.x versions are vulnerable to Persistent Cross Site Scripting (XSS). 2. BACKGROUND Open-Realty is the world's leading real estate listing marketing and management CMS...
Developers of FlowTraq to Present a Breakout Session – “Identifying Network...
ProQSys, provider of scalable network security software for enterprise environments, announces Alexander Barsamian, FlowTraq R&D lead, will present a breakout discussion and NetFlow-based...
(Inclusive Funny Old School Short XMAS RAP) A year on the run: El Reg tracks...
Whoever thought 2012 would be boring without Steve Jobs has been proven wrong ... Tech industry scandal-watchers have been blessed with colourful antics from the likes of Kim Dotcom, Larry Ellison,...
THC-Hydra 7.4.1 logon cracker New Release
THC-Hydra: A very fast network logon cracker which supports many different services. See feature sets and services coverage page - incl. a speed comparison against ncrack and medusa. Current Version:...
SQLi Authentication Bypass Short List
This list can be used by penetration testers when testing for SQL injection authentication bypass. A penetration tester can use it manually or through burp in order to automate the process. The creator...
Metasploit: WordPress Asset-Manager PHP File Upload Vulnerability
### This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and...
Metasploit: WordPress WP-Property PHP File Upload Vulnerability
### This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and...
Video: TOP TEN WEB DEFENSES
Description: Abstract. We cannot hack or firewall our way secure. Application programmers need to learn to code in a secure fashion if we have any chance of providing organizations with proper defenses...
Govt draws up plan to revamp cyber security of critical sectors
NEW DELHI: In its bid to meet the challenge of ever increasing cyber attacks and security in the virtual world, the government has set in motion a five-year project to revamp the entire cyber security...