Pacosite's Blog

Comunicaciones, Linux, Tecnología e Internet

[webapps] ApacheOfBiz 17.12.01 – Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments

Posted on August 4, 2021 by Frank Cisco

ApacheOfBiz 17.12.01 – Remote Command Execution (RCE) via Unsafe Deserialization of XMLRPC arguments

from Exploit-DB.com RSS Feed https://ift.tt/3imS6QP
via IFTTT

[webapps] Client Management System 1.1 – ‘cname’ Stored Cross-site scripting (XSS)

Posted on August 4, 2021 by Frank Cisco

Client Management System 1.1 – ‘cname’ Stored Cross-site scripting (XSS)

from Exploit-DB.com RSS Feed https://ift.tt/3yuMmu0
via IFTTT

[webapps] qdPM 9.2 – DB Connection String and Password Exposure (Unauthenticated)

Posted on August 4, 2021 by Frank Cisco

qdPM 9.2 – DB Connection String and Password Exposure (Unauthenticated)

from Exploit-DB.com RSS Feed https://ift.tt/3CebuHn
via IFTTT

[webapps] qdPM 9.1 – Remote Code Execution (RCE) (Authenticated)

Posted on August 4, 2021 by Frank Cisco

qdPM 9.1 – Remote Code Execution (RCE) (Authenticated)

from Exploit-DB.com RSS Feed https://ift.tt/3C72Me2
via IFTTT

[webapps] WordPress Plugin WP Customize Login 1.1 – ‘Change Logo Title’ Stored Cross-Site Scripting (XSS)

Posted on August 4, 2021 by Frank Cisco

WordPress Plugin WP Customize Login 1.1 – ‘Change Logo Title’ Stored Cross-Site Scripting (XSS)

from Exploit-DB.com RSS Feed https://ift.tt/3CfmioD
via IFTTT

BazarCaller – the malware gang that talks you into infecting yourself

Posted on August 3, 2021 by Frank Cisco

Calling someone back feels safer than clicking an unknown link… but it isn’t! Remind your friends and family.

from Naked Security https://ift.tt/2ViMFto
via IFTTT

[webapps] Hotel Management System 1.0 – Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)

Posted on August 3, 2021 by Frank Cisco

Hotel Management System 1.0 – Cross-Site Scripting (XSS) Arbitrary File Upload Remote Code Execution (RCE)

from Exploit-DB.com RSS Feed https://ift.tt/3jnsMtk
via IFTTT

On course for a good hacking

Posted on August 2, 2021 by Frank Cisco

A story of how easily hackers could hit a hole-in-one with the computer network of a premier golf club in the UK.

The post On course for a good hacking appeared first on WeLiveSecurity

from WeLiveSecurity https://ift.tt/3A443R9
via IFTTT

New Normal Demands New Security Leadership Structure

Posted on August 2, 2021 by Frank Cisco

At the inaugural Omdia Analyst Summit, experts discuss where the past year has created gaps in traditional security strategy and how organizations can fill them.

from Dark Reading: https://ift.tt/2WC8p3B
via IFTTT

Multiple Zero-Day Flaws Discovered in Popular Hospital Pneumatic Tube System

Posted on August 2, 2021 by Frank Cisco

“PwnedPiper” flaws could allow attackers to disrupt delivery of lab samples or steal hospital employee credentials, new research shows.

from Dark Reading: https://ift.tt/2V5QOkp
via IFTTT