Friday , August 18 2017 12:30 PM
Home / Exploits / Web Application Exploits

Web Application Exploits

Websites Can Now Track You Online Across Multiple Web Browsers

You might be aware of websites, banks, retailers, and advertisers tracking your online activities using different Web “fingerprinting” techniques even in incognito/private mode, but now sites can track you anywhere online — even if you switch browsers. A team of researchers has recently developed a cross-browser fingerprinting technique — the …

Read More »

Don’t Fall For This Dangerously Convincing Ongoing Phishing Attack

Security researchers have discovered a new phishing campaign targeting Gmail users, which is so convincing and highly effective that even tech-savvy people can be tricked into giving away their Google credentials to hackers. The attackers first compromise a victim’s Gmail account, and once they are in, they start rifling through …

Read More »

Critical PHPMailer Flaw leaves Millions of Websites Vulnerable to Remote Exploit

A critical vulnerability has been discovered in PHPMailer, which is one of the most popular open source PHP libraries to send emails used by more than 9 Million users worldwide. Millions of PHP websites and popular open source web applications, including WordPress, Drupal, 1CRM, SugarCRM, Yii, and Joomla comes with …

Read More »

GitLab Patches Command Execution Vulnerability

Developers with GitLab this week fixed a critical vulnerability in the open source repository management software that could have led to command execution and allowed an authenticated user to gain access to sensitive application files, tokens, or secrets. HackerOne cofounder Jobert Abma unearthed the vulnerability last week and reported it …

Read More »

Multiple Critical Remotely Exploitable Flaws Discovered in Memcached Caching System

Hey Webmasters, are you using Memcached to boost the performance of your website? Beware! It might be vulnerable to remote hackers. Three critical Remote Code Execution vulnerabilities have been reported in Memcached by security researcher Aleksandar Nikolich at Cisco Talos Group that expose major websites, including Facebook, Twitter, YouTube, Reddit, …

Read More »

Data Breach — Oracle’s Micros Payment Systems Hacked

The risks associated with data breaches continue to grow, impacting a variety of industries, tech firms, and social networking platforms. In the past few months, over 1 Billion credentials were dumped online as a result of mega breaches in popular social networks. Now, Oracle is the latest in the list. …

Read More »

Warning: 100+ Tor Nodes Designed to Spy on Hidden Services

Two researchers, Amirali Sanatinia and Guevara Noubir, from Northwestern University, carried out an experiment on the Tor Network for 72 days and discovered at least 110 malicious Tor Hidden Services Directories (HSDirs) on the network. Cory Doctorow explains: These nodes — ordinary nodes, not exit nodes — sorted through all …

Read More »

Multiple XSS security vulnerabilities in the Visual Composer WordPress plugin

There are multiple XSS security vulnerabilities in the Visual Composer WordPress plugin versions prior to 4.7.4 (releases prior to October 2, 2015). Finally WP Bakery, the creators of Visual Composer, who have addressed all identified vulnerabilities and undertaken a code audit to ensure that it is as secure as possible.Developers  whose …

Read More »

Photos in Wifi v1.0.1 iOS

Document Title: =============== Photos in Wifi v1.0.1 iOS - Arbitrary File Upload Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1600 Release Date: ============= 2015-09-28 Vulnerability Laboratory ID (VL-ID): ==================================== 1600 Common Vulnerability Scoring System: ==================================== 8.6 Product & Service Introduction: =============================== Share the photos and videos of your iPhone/iPad in wifi. Upload photos …

Read More »

Powered by themekiller.com anime4online.com animextoon.com apk4phone.com tengag.com moviekillers.com