IEDB Team Discover phpfusion Denial of Service Vulnerability
IEDB team member -Amir- discover vulnerability in phpfusion search page -http://phpfusion.org- See http://iedb.ir/exploits-2105.html for detail. Amir sends greats to: Bl4ck M4n – ErfanMs – 4ntr4x – N20 – Bl4ck N3T – dr.koderz – Enddo – E1.Coders – Behnam Vanda E2MA3N –…
IEDB Discover PARSADEV CMS XSS Vulnerability
IEDB team discover PARSADEV CMS XSS Vulnerability. All detail see http://iedb.ir/exploits-2122.html IEDB greats: Bl4ck M4n – ErfanMs – 4ntr4x – N20 – Bl4ck N3T – dr.koderz – Enddo – E1.Coders – Behnam Vanda E2MA3N – l4tr0d3ctism – H-SK33PY – sole sad…
Iran-Cyber Team Discover Bug in Multiple Blogs
Announce bug discovered in multiple blogs by Iran-Cyber team –http://iran-cyber.in/cc/– from member Mohammad Nofozi who informed ICNA of bug in following blogs: http://niloblog.com http://www.abarblog.ir http://www.blogdehi.com http://blogerfa.ir http://gemblog.net http://www.blogstu.com http://blogpu.ir http://www.blogw.ir http://www.blogtez.com Mohammad Nofozi informed site admins and security teams of…
POODLE SSL 3.0 Vulnerability
Announce POODLE SSL 3.0 Vulnerability. POODLE -Padding Oracle On Downgraded Legacy Encryption- vulnerability exist in SSL 3.0 as published in CVE-2014-3556 POODLE is flaw in browsers handing encryption- by negotiate down to SSL 3.0 attackers can alter padding data at…
Shellshock Bash Important Vulnerability
Announce a severe vulnerability called shellshock affects many version of bash – is a 22 year old bug, from version 1.13 and up to version 4.3- command interpreter which is a important security risk to unix linux and apple OS…
WordPress Slider Revolution Plugin Vulnerability
Announce WordPress slider revolution plugin vulnerability affects version 4.1.4 and older versions of plugin reported by Iranian Information Technology Security News –itsn.ir– Although version 4.2 of this plugin, which fixed vulnerability – recently – some themes continue to use have previous…
IEDB Discover Magsad CMS XSS
Announce security team IEDB – Iranian Exploit DataBase – discovered Cross-Site Scripting Vulnerability in Magsad CMS, discover by Amir. Cross-site scripting – XSS – is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to…
IEDB Discover Cross-Site Scripting Vulnerabilities
Security team IEDB – Iranian Exploit DataBase – discovered Cross-Site Scripting Vulnerabilities in two CMS software. STI-CS CMS – http://sti-cs.com/ – and ehsanweb CMS -http://www.ehsanweb.com – have vulnerability discovered by Amir. Cross-site scripting – XSS – is a type of…
WordPress CK-And-SyntaxHighLighter Arbitrary File Upload
Announce finding by Hekt0r – member of Iran Security Group- of discovering vulnerability -Wordpress ck-and-syntaxhighlighter Plugin Remote File Upload vulnerability- Remote File Inclusion allows an attacker to include a remote file, usually through a script on the web server. The…
Hekt0r Discovers J&W CMS SQL Vulnerability
Member of Iran Security Group, Hekt0r, discovered SQL Injection Vulnerability in J&W Communications CMS program. J&W Communications CMS program website is www.jw-com.com Credits from Hekt0r were: [+] Special Thanks: Root SmasheR, Mr.Moein, UmPire, Ali Ahmady, Saeed.Jok3r M4hdi, Black Hacker, Vahid…