Ehsan Cod3r Discovers Mail.Ru Vulnerability
Iranian whitehat cybersecurity researcher Ehsan Hosseini -aka Ehsan Cod3r- has disclosed a send edited message vulnerability in the Russian mail provider software mail.ru. The vulnerability is in the design allowing a potential privilege escaltion to the attacker. Ehsan Cod3r also credits…
Ashiyane Find Siemens Simatic STEP7 DLL Bug
Security researcher Amir.ght of Iranian group Ashiyane Digital Security Team claims to have found a DLL Hijacking vulnerability in the following software: SIMATIC Manager Step7 -versions >= 5.5 SP1-, for the SIEMENS STEP 7/S7 Programmable Controller. This builds on a…
Ashiyane Find Multiple Bugs In Webworx Design
Researchers of the Ashiyane Digital Security Team have discover three seperate vulnerabilities in Webworx Design Group product -http://www.easynetsites.com/-: Dork : intext:”Design by Webworx Design Group • Powered by EasyNetSites.com Webware” cpage.php?pt= XSS vulnerability Link: https://cxsecurity.com/issue/WLB-2016120119 Cross-site scripting -XSS- is type…
Iran Cyber Security Group Find Zend Bug
Hacker JACKSON of the team Iran Cyber Security Group have made find vulnerability in Zend Framework -https://framework.zend.com- Zend Framework is a collection of professional PHP packages with more than 94 million installations. It can be used to develop web applications…
Persian Hack Team Find Router DoS Vuln
Iranian hacker Mojtaba MobhaM of team Persian Hack Team is make discover of a vulnerable daemon parameter, which has cause a DoS -Denial of Service- condition in the router: Gnet AD1504 Wlan Adsl2+ Router Bug is discovered by : Mojtaba…
Persian Hack Team Expose DLL Hijacking Bug
Hackers of the team Persian Hack Team has discover a DLL hijacking vulnerability -requires local access to exploit- in: CodeBlocks -version 12.11- DLL hijacking involve replacement of desired DLL -Dynamic Link Library- with a malicious DLL of the same name…
Iranonymous Find Admin Page Bypass Upload Bug
Hacker Saman.Tab of the team Iranonymous have discover Admin Page Bypass upload shell in “Managed By MINE SOLUTIONS” Link is here: https://cxsecurity.com/issue/WLB-2016120108 Saman.Tab is say thanks to : MR.Khatar || ll_azab-siyah_ll || Rising || Blackwolf_Iran ||Ormazd ||Sh@d0w ||mohammad Pn ||Shdmehr…
Busy November for IEDB!
November was a busy month for Amir from IEDB. He was busy not only doing all the work with the team, he also was busy doing activity himself! In these few days, successful exploitation was carried out on Mikrotik routers…
Ashiyane DST Discover DLL Flaws in Acunetix
Security researchers from the elite Ashiyane Digital Security Team have discovered a vulnerability in Acunetix -version 10.0- Acunetix is a company that makes web and network application scanners. Acunetix automatically crawls and scans off-the-shelf and custom-built websites and web applications for…
Rayan Information Technology SQLi Vulnerability
As reported on CXSecurity.com, cracker VAHiD ZOOM has found a SQL injection vulnerability on web designer platform of Rayan Information Technology. Examples of this vulnerability can be seen at following locations: http://sport-ac.ir/uploaded/view_file_group.php?ci=59%27 http://handballrazavi.ir/uploaded/view_file_group.php?ci=11%27 http://anjomanharazavi.ir/uploaded/view_file_group.php?ci=3%27 http://dartrazavi.ir/uploaded/view_file_group.php?ci=4%27 http://www.tabaran.com/uploaded/view_file_group.php?ci=5%27 With attention to the…