4tt4ck3r Discovers XSS Vulnerability for London University
After some time we are pleased to see return 4tt4ck3r, who has had many successes with XSS vulnerabilities in the past and if God helps hopefully also in the future. The latest vulnerability discovered by 4tt4ck3r is on the website…
ZeroSec Discover Open Redirect Vulnerability in Amazon Simple Storage Service (S3)
ZeroSec (https://t.me/ZeroSecOfficial) hacker Ghostman discovered an open redirect vulnerability in Amazon Simple Storage Service (S3). The vulnerability, which lies in scoping Amazon subdomain s3.amazonaws.com into the main aws.amazon.com/s3, allows the attacker to draw the victim onto a different landing page…
Directadmin ControlPanel DoS and XSS Vulns Exposed By Amir Of The IEDB Team
Iranian security researcher and IEDB Team member/IEDB/IrIsT.ir and Xssed.ir founder Amir has published a DoS vulnerability in the Directadmin ControlPanel software -http://www.directadmin.com- Directadmin is a web hosting control panel for the remote web-based administration of multiple web servers. The vulnerability affects Directadmin…
4TT4CK3R Finds ViewState Bug in UK Geological Society Site
Iranian security researcher 4TT4CK3R has disclosed a vulnerability in the website of the UK’s Geological Society. The web site runs on Windows web server IIS 7.5 with ASP.NET -version 4.0.30319- but does not have the ViewState parameter encrypted. This means that there…
Ehsan Cod3r Discovers Mail.Ru Vulnerability
Iranian whitehat cybersecurity researcher Ehsan Hosseini -aka Ehsan Cod3r- has disclosed a send edited message vulnerability in the Russian mail provider software mail.ru. The vulnerability is in the design allowing a potential privilege escaltion to the attacker. Ehsan Cod3r also credits…
Ashiyane Find Siemens Simatic STEP7 DLL Bug
Security researcher Amir.ght of Iranian group Ashiyane Digital Security Team claims to have found a DLL Hijacking vulnerability in the following software: SIMATIC Manager Step7 -versions >= 5.5 SP1-, for the SIEMENS STEP 7/S7 Programmable Controller. This builds on a…
Ashiyane Find Multiple Bugs In Webworx Design
Researchers of the Ashiyane Digital Security Team have discover three seperate vulnerabilities in Webworx Design Group product -http://www.easynetsites.com/-: Dork : intext:”Design by Webworx Design Group • Powered by EasyNetSites.com Webware” cpage.php?pt= XSS vulnerability Link: https://cxsecurity.com/issue/WLB-2016120119 Cross-site scripting -XSS- is type…
Iran Cyber Security Group Find Zend Bug
Hacker JACKSON of the team Iran Cyber Security Group have made find vulnerability in Zend Framework -https://framework.zend.com- Zend Framework is a collection of professional PHP packages with more than 94 million installations. It can be used to develop web applications…
Persian Hack Team Find Router DoS Vuln
Iranian hacker Mojtaba MobhaM of team Persian Hack Team is make discover of a vulnerable daemon parameter, which has cause a DoS -Denial of Service- condition in the router: Gnet AD1504 Wlan Adsl2+ Router Bug is discovered by : Mojtaba…
Persian Hack Team Expose DLL Hijacking Bug
Hackers of the team Persian Hack Team has discover a DLL hijacking vulnerability -requires local access to exploit- in: CodeBlocks -version 12.11- DLL hijacking involve replacement of desired DLL -Dynamic Link Library- with a malicious DLL of the same name…