2016
06.26

This blog is mainly about security but I will add a drone section. The first post is related to my painful and regretful purchased of a Xiro Xplorer V few months ago. Everything went fine at the beginning but not for long…

Read More >>

2017
01.17

Salesforce event registration functionality allows for malicious script code to be inserted.

more details here.

2017
01.17

Hassium CMS version 0.10 suffers from a cross site scripting vulnerability.

more details here.

2017
01.17

Huawei Flybox B660 suffers from a cross site request forgery vulnerability.

more details here.

2017
01.17

WinaXe Plus 8.7 Buffer Overflow

WinaXe Plus version 8.7 suffers from a buffer overflow vulnerability.

more details here.

2017
01.17

Image Sharing Script version 4.13 suffers from cross site scripting and remote SQL injection vulnerabilities.

more details here.

2017
01.17

iSelect version 1.4 suffers from a local buffer overflow vulnerability.

more details here.

2017
01.17

Pirelli DRG A115 ADSL router unauthenticated remote DNS changer exploit.

more details here.

2017
01.17

Tenda ADSL2/2+ Modem D840R unauthenticated remote DNS changer exploit.

more details here.

2017
01.17

PHP LibGD Heap Buffer Overflow

Proof of concept exploit for CVE-2016-3074 targeting Ubuntu 15.10 x86-64 with php5-gd and php5-fpm running behind nginx.

more details here.

2017
01.17

Apple iTunes suffers from a malicious script insertion vulnerability.

more details here.