Blog

[local] Aida64 6.00.5100 – ‘Log to CSV File’ Local SEH Buffer Overflow

June 14, 2019

[local] CentOS 7.6 – ‘ptrace_scope’ Privilege Escalation

June 14, 2019

[papers] Active Directory Enumeration with PowerShell

June 14, 2019

[webapps] Sitecore 8.x – Deserialization Remote Code Execution

June 13, 2019

[webapps] FusionPBX 4.4.3 – Remote Command Execution

June 12, 2019

[papers] LDAP Swiss Army Knife

June 12, 2019

[20190603] – Core – ACL hardening of com_joomlaupdate

Project: Joomla!
SubProject: CMS
Impact: Low
Severity: Low
Versions: 3.8.13 through 3.9.6
Exploit type: Incorrect Access Control
Reported Date: 2019-April-10
Fixed Date: 2019-June-11
CVE Number: CVE-2019-12764

Description
The update server URL of com…


June 11, 2019

[20190602] – Core – XSS in subform field

Project: Joomla!
SubProject: CMS
Impact: Moderate
Severity: Low
Versions: 3.6.0 through 3.9.6
Exploit type: XSS
Reported Date: 2019-January-01
Fixed Date: 2019-June-11
CVE Number: CVE-2019-12766

Description
The subform fieldtype does not sufficiently…


June 11, 2019