2016
06.26

This blog is mainly about security but I will add a drone section. The first post is related to my painful and regretful purchased of a Xiro Xplorer V few months ago. Everything went fine at the beginning but not for long…

Read More >>

2017
04.28

TYPO3 News Module SQL Injection

The TYPO3 News module suffers from a remote SQL injection vulnerability.

more details here.

2017
04.28

Easy File Uploader suffers from a remote shell upload vulnerability.

more details here.

2017
04.28

Simple File Uploader suffers from an arbitrary file download vulnerability.

more details here.

2017
04.28

There is a memory corruption vulnerability in Microsoft Internet Explorer. The vulnerability was confirmed on version 11.576.14393.0 (update version 11.0.38) running on Windows 10 64-bit with page heap enabled for iexplore.exe process.

more details here.

2017
04.28

http://www.nlt.go.th/security/lang.tmp notified by Ashiyane Digital Security Team

mirror site here.

2017
04.27

credit VulnLab

2017
04.27

Adventures in Automotive Networks and Control Units (aka car hacking) is an overview of the original work by Charlie Miller and Chris Valasek that covers CAN bus sniffing, injection, and attacks against a Toyota Prius and Ford Escape. Also included are all the tools they used and related data.

more details here.

2017
04.27

Private Tunnel Client version 2.8 local buffer overflow SEH exploit.

more details here.

2017
04.27

Flyspray version 1.0-rc4 suffers from a cross site scripting vulnerability.

more details here.

2017
04.27

Joomla MyPortfolio component version 3.0.2 suffers from a remote SQL injection vulnerability.

more details here.