[webapps] – PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability
[webapps] – SmartCMS (index.php, idx parameter) SQL Injection Vulnerability
Sunday Roundup – Huffington Post (blog)
Apart from small caches of WMD found in Iraq (according to WikiLeaks docs), "capability" was reason enough to take down the Terror Master of Iraq and end his menacing reign.
[webapps] – ES CmS 0.1 SQL Injection Vulnerability
[webapps] – jBilling 3.0.2 Cross Site Scripting Vulnerability
[remote] – Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow
Killing passwords and whistleblowing hackers: top stories you need to read
Passwords are safe. Hackers have nefarious motives
Twitter 5.0 Eavesdropping Proof Of Concept
The Twitter 5.0 application for iPhone fetches images over HTTP, which allows a man-in-the-middle attack / image swap. Proof of concept included.
[dos] – lighttpd 1.4.31 Denial of Service PoC