Shellshock Bash Important Vulnerability
Announce a severe vulnerability called shellshock affects many version of bash – is a 22 year old bug, from version 1.13 and up to version 4.3- command interpreter which is a important security risk to unix linux and apple OS…
WordPress Slider Revolution Plugin Vulnerability
Announce WordPress slider revolution plugin vulnerability affects version 4.1.4 and older versions of plugin reported by Iranian Information Technology Security News –itsn.ir– Although version 4.2 of this plugin, which fixed vulnerability – recently – some themes continue to use have previous…
IEDB Discover Magsad CMS XSS
Announce security team IEDB – Iranian Exploit DataBase – discovered Cross-Site Scripting Vulnerability in Magsad CMS, discover by Amir. Cross-site scripting – XSS – is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to…
IEDB Discover Cross-Site Scripting Vulnerabilities
Security team IEDB – Iranian Exploit DataBase – discovered Cross-Site Scripting Vulnerabilities in two CMS software. STI-CS CMS – http://sti-cs.com/ – and ehsanweb CMS -http://www.ehsanweb.com – have vulnerability discovered by Amir. Cross-site scripting – XSS – is a type of…
WordPress CK-And-SyntaxHighLighter Arbitrary File Upload
Announce finding by Hekt0r – member of Iran Security Group- of discovering vulnerability -Wordpress ck-and-syntaxhighlighter Plugin Remote File Upload vulnerability- Remote File Inclusion allows an attacker to include a remote file, usually through a script on the web server. The…
Hekt0r Discovers J&W CMS SQL Vulnerability
Member of Iran Security Group, Hekt0r, discovered SQL Injection Vulnerability in J&W Communications CMS program. J&W Communications CMS program website is www.jw-com.com Credits from Hekt0r were: [+] Special Thanks: Root SmasheR, Mr.Moein, UmPire, Ali Ahmady, Saeed.Jok3r M4hdi, Black Hacker, Vahid…
Multiple CMS Vulnerabilities Discovered By IEDB
Security team Iranian Exploit Database – IEDB – and team IrIsT has discovered multiple vulnerabilities in CMS software by NeginGroup and rasanehpardaz. NeginGroup CMS has vulnerability of SQL injection and cross-site scripting – XSS. Rasanehpardaz CMS has vulnerability of only…
Tonel Team Discover SOFTWeb SQL Vulnerability
New SQL vulnerability in SOFTWeb Cmd has been discovered by Iranian security team Tonel Team. SOFTWeb Adaptive I.T. Solutions® is an innovative company that specializes in web – mobile application development and delivery of integrated technology services. Vulnerability discovered by…
Grey Hat Boys Discover Full Path Disclosure Vulnerabilities
Iranian security team Grey Hat Boys have discovered Full Path Disclosure – FPD – vulnerabilities in three different web software. OpenCart 1.5.4, WordPress wp-shopping-cart and CMSMadeSimple version 1.11.10 are found vulnerable by Grey Hat Boys. Full Path Disclosure vulnerabilities enable…
MyBB Heartbleed Exploit By E2MA3N
Iranian security researcher E2MA3N has made MyBB exploit program for Heartbleed vulnerability. E2MA3N in cooperation with Red Hat Hackers – RHH – made a small program to use on vulnerability CVE-2014-0160. Vulnerability CVE-2014-0160 or Heartbleed: The (1) TLS and (2)…