We found a Cross-site scripting (XSS) vulnerability in Dolibarr, which is an "Open Source ERP & CRM for Business" used by many companies worldwide.
We found a SQL injection (SQLi) vulnerability in Dolibarr, which is an "Open Source ERP & CRM for Business" used by many companies worldwide.
We found a Remote Code Execution (RCE) vulnerability in Dolibarr, which is an "Open Source ERP & CRM for Business" used by many companies worldwide.
Several vulnerabilities have been discovered in domains recently acquired by Google between April 2017 and September 2017.
The reported vulnerabilities are related to the following domains: withgoogle.com and kaggle.com.
The flaws are of the following kinds: broken access control, directory traversal and XSS vulnerabilities.
This article introduces the topic of exploiting vulnerabilities in heap-based memory management.
We found and reported some XSS vulnerabilities in Grav CMS, a Markdown-based content management platform.
The Hershell project is Go source code that generates a cross-platform reverse shell payload and can integrate with the Metasploit framework, among several other features such as a low antivirus detection rate and TLS encryption.
The Hershell project aims to build a cross-platform reverse shell payload from a single source code base written in Go.
It can thus integrate with the Metasploit framework with a good level of stealth against antivirus solutions.
Gespage is a web solution providing a printer portal. Official Website: http://www.gespage.com/
The web application does not properly filter several parameters sent by users, allowing XSS code injection. These vulnerabilities allow attackers to inject code inside the client web browser, such as malicious scripts in JavaScript. Exploitation leads to a full takeover of the web browser, and potentially the operating system.
Gespage is a web solution providing a printer portal. Official Website: http://www.gespage.com/
The web application does not properly filter several parameters sent by users, allowing authenticated SQL code injection (Stacked Queries - comment).
These vulnerabilities could allow attackers to retrieve / update data from the database through the application.