Update: 2017 => You can find latest posts here… https://www.xc0re.net
Monthly Archives: September 2012
September 2012 M T W T F S S 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30
- 67 Anonymity anonymous Antispyware Antivirus art Avast BSR-webweaver bypass Bypass WAF Cherokee Web Server Cisco cracker deception Denial Of Service detection Directory Traversal disclaimer DOS email Exploit exploitation ezine Facebook facebook Directory Facebook hack firewall ftp GET Hackers hack firewalls hacking Hacking & Security hopster Http Server intrusion Kolibri+ Webserver 2 password perl exploit code Personal Firewall phrack Port port 25 proxy review scripts Security Skull security smtp social network spam subscriber manager sunray thin client Tor tunnel username usman saeed version 0.5.4 version 1.33 vulnerability vulnerbility Web applicattion firewalls websense Webserver exploit white hats Xc0re xc0re.net xc0re security research group Xitami Xitami 5.0a0 XSS zeroday exploit Zonealarm ZyXEL P-660R ZyXEL P-660R-T1 V2
- Purple Fox EK Adds Microsoft Exploits to Arsenal dlvr.it/Rb3jx2 https://t.co/Yb4DHrkfBH 1 hour ago
- Email Sender Identity is Key to Solving the Phishing Crisis dlvr.it/Rb3RrV https://t.co/MNxg0fdOyy 2 hours ago
- How to Assess More Sophisticated IoT Threats dlvr.it/Rb3RHL https://t.co/0lamtkQO6y 2 hours ago
- Attackers are breaching F5 BIG-IP devices, check whether you’ve been hit dlvr.it/Rb38Kd 4 hours ago
- ThiefQuest Ransomware for the Mac dlvr.it/Rb30ZR 5 hours ago
- Android o2 Business 1.2.0 Open Redirect July 3, 2020o2 Business for Android version 1.2.0 suffers from an open redirection vulnerability.
- AppleiOS 13.5.1 Resource Exposure July 3, 2020Apple iOS version 13.5.1 suffers from an issue where it is possible to circumvent the copy and paste restriction from the company profile to the private profile. Thus, it is possible to extract attachments that can be previewed ("Quick Look") in the native Mail client to any private app.
- Froala WYSIWYG HTML Editor 3.1.1 Cross Site Scripting July 3, 2020Froala WYSIWYG HTML Editor versions 3.0.6 through 3.1.1 suffer from a cross site scripting vulnerability.
- Bolt CMS 3.7.0 XSS / CSRF / Shell Upload July 3, 2020Bolt CMS versions 3.7.0 and below suffer from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities that when combined can achieve remote code execution in one click.
- OCS Inventory NG 2.7 Remote Code Execution July 3, 2020OCS Inventory NG version 2.7 suffers from a remote code execution vulnerability.
- ZenTao Pro 8.8.2 Command Injection July 3, 2020ZenTao Pro version 8.8.2 suffers from a remote command injection vulnerability.
- AnyDesk GUI Format String Write July 2, 2020The AnyDesk GUI is vulnerable to a remotely exploitable format string vulnerability. By sending a specially crafted discovery packet, an attacker can corrupt the frontend process when it loads or refreshes. While the discovery service is always running, the GUI frontend must be started to trigger the vulnerability. On successful exploitation, code is execute […]
- EQDKP Plus CMS 2.3.29 Cross Site Scripting July 2, 2020EQDKP Plus CMS versions 2.3.29 and below suffer from a cross site scripting vulnerability.
- macOS Privacy Protection Bypass July 2, 2020Proof of concept Xcode project that leverages Safari to demonstrate a macOS privacy protections bypass vulnerability.
- Packet Storm New Exploits For June, 2020 July 1, 2020This archive contains all of the 127 exploits added to Packet Storm in June, 2020.
- Android o2 Business 1.2.0 Open Redirect July 3, 2020
- Defense in depth -- the Microsoft way (part 62): Windows shipped with end-of-life components February 25, 2020
- Local information disclosure in OpenSMTPD (CVE-2020-8793) February 25, 2020
- LPE and RCE in OpenSMTPD's default install (CVE-2020-8794) February 25, 2020
- [SECURITY] [DSA 4633-1] curl security update February 25, 2020
- Cisco Unified Contact Center Express Privilege Escalation Vulnerability (CVE-2019-1888) February 25, 2020
- [TZO-22-2020] Qihoo360 | GDATA | Rising | Command Generic Malformed Archive Bypass February 24, 2020