Pacosite's Blog

Comunicaciones, Linux, Tecnología e Internet

Many Mobile Apps Intentionally Using Insecure Connections for Sending Data

Posted on June 11, 2021 by Frank Cisco

A new analysis of iOS and Android apps released to Apple’s and Google’s app stores over the past five years found many to be deliberately breaking HTTPS protections.

from Dark Reading: https://ift.tt/3vdvJjR
via IFTTT

Secure Access Trade-offs for DevSecOps Teams

Posted on June 11, 2021 by Frank Cisco

Thanks to recent advancements in access technologies, everyone can apply identity-based authentication and authorization and zero-trust principles for their computing resources.

from Dark Reading: https://ift.tt/3x6mYcO
via IFTTT

[webapps] WoWonder Social Network Platform 3.1 – Authentication Bypass

Posted on June 11, 2021 by Frank Cisco

WoWonder Social Network Platform 3.1 – Authentication Bypass

from Exploit-DB.com RSS Feed https://ift.tt/3czkonX
via IFTTT

[webapps] Zenario CMS 8.8.52729 – ‘cID’ Blind & Error based SQL injection (Authenticated)

Posted on June 11, 2021 by Frank Cisco

Zenario CMS 8.8.52729 – ‘cID’ Blind & Error based SQL injection (Authenticated)

from Exploit-DB.com RSS Feed https://ift.tt/3gcKnDK
via IFTTT

[webapps] Solar-Log 500 2.8.2 – Unprotected Storage of Credentials

Posted on June 11, 2021 by Frank Cisco

Solar-Log 500 2.8.2 – Unprotected Storage of Credentials

from Exploit-DB.com RSS Feed https://ift.tt/3whI8od
via IFTTT

[webapps] Solar-Log 500 2.8.2 – Incorrect Access Control

Posted on June 11, 2021 by Frank Cisco

Solar-Log 500 2.8.2 – Incorrect Access Control

from Exploit-DB.com RSS Feed https://ift.tt/3pGS601
via IFTTT

[webapps] Grocery crud 1.6.4 – ‘order_by’ SQL Injection

Posted on June 11, 2021 by Frank Cisco

Grocery crud 1.6.4 – ‘order_by’ SQL Injection

from Exploit-DB.com RSS Feed https://ift.tt/2TXpbJk
via IFTTT

[webapps] WordPress Plugin Database Backups 1.2.2.6 – ‘Database Backup Download’ CSRF

Posted on June 11, 2021 by Frank Cisco

WordPress Plugin Database Backups 1.2.2.6 – ‘Database Backup Download’ CSRF

from Exploit-DB.com RSS Feed https://ift.tt/3zjqWkd
via IFTTT

[webapps] OpenEMR 5.0.0 – Remote Code Execution (Authenticated)

Posted on June 11, 2021 by Frank Cisco

OpenEMR 5.0.0 – Remote Code Execution (Authenticated)

from Exploit-DB.com RSS Feed https://ift.tt/3v8uTF2
via IFTTT

[webapps] Microsoft SharePoint Server 16.0.10372.20060 – ‘GetXmlDataFromDataSource’ Server-Side Request Forgery (SSRF)

Posted on June 11, 2021 by Frank Cisco

Microsoft SharePoint Server 16.0.10372.20060 – ‘GetXmlDataFromDataSource’ Server-Side Request Forgery (SSRF)

from Exploit-DB.com RSS Feed https://ift.tt/3gp8RZs
via IFTTT