Tags archives: sicurezza

 

0

Malicious QuadRooter Apps Discovered in Google Play Store

The recent disclosure of a set of vulnerabilities in the Android operating system that could potentially put over 900 million devices at risk may have been patched, but its threat remains. The QuadRooter flaw, discovered by Check Point, could potentially give cyber attackers complete control over an Android device. The vulnerability was discovered in Qualcomm [...]

 

0

The Hacker Manifesto in italiano

La coscienza di un hacker di The Mentor Scritto l'8 gennaio 1986 Un altro è stato preso oggi, è su tutti i giornali. "Adolescente arrestate in uno scandalo di crimini informatici", "Hacker arrestato dopo aver truffato una banca"... Dannati ragazzi. Sono tutti uguali. Ma avete mai, con la volta psicologia da tre soldi e un [...]

 

0

New Pokemon Go Ransomware Creates Windows Backdoor Account

With all the frenzy around the Pokemon GO mobile game, it was only just a matter of time before attackers leveraged its popularity to spread ransomware. A new ransomware was recently discovered impersonating a Pokemon GO application for Windows. Detected by Trend Micro as Ransom_POGOTEAR.A, it appears to be like any other ransomware. However, a [...]

 

0

WordPress Google Maps 2.1.2 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting vulnerability in Google Maps WordPress Plugin ------------------------------------------------------------------------ Julien Rentrop, July 2016   ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------ A Cross-Site Scripting vulnerability was found in the Google Maps WordPress Plugin. This issue allows an attacker to perform a wide variety of actions, such as stealing users' session tokens, or performing arbitrary actions on their behalf. [...]

 

0

WordPress Magic Fields 2 Cross Site Scripting

------------------------------------------------------------------------ Persistent Cross-Site Scripting in Magic Fields 2 WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016   ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------ A Cross-Site Scripting vulnerability was found in the Magic Fields 2 plugin. This issue allows an attacker to perform a wide variety of actions, such as stealing Administrators' session tokens, or performing arbitrary actions on their [...]

 

0

WordPress Magic Fields 1 Cross Site Scripting

------------------------------------------------------------------------ Persistent Cross-Site Scripting in Magic Fields 1 WordPress Plugin ------------------------------------------------------------------------ Burak Kelebek, July 2016   ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------ A Cross-Site Scripting vulnerability was found in the Magic Fields 1 plugin. This issue allows an attacker to perform a wide variety of actions, such as stealing Administrators' session tokens, or performing arbitrary actions on their [...]

 

0

QuadRooter le vulnerabilità che colpiscono più di 900 milioni dispositivi Android

Check Point, azienda israeliana specializzata in prodotti relativi alla sicurezza, è venuta a conoscenza di quattro nuove vulnerabilità Android. In occasione della Def Con 24, una tra le più importanti conferenze sulla sicurezza informatica, tenutasi a Las Vegas, il ricercatore di Check Point, Adam Donenfeld, ha parlato di un nuovo set di falle che affliggerebbe [...]

 

0

WordPress Store Locator Plus 4.5.09 Cross Site Scripting

------------------------------------------------------------------------ Cross-Site Scripting in Store Locator Plus for WordPress ------------------------------------------------------------------------ Yorick Koster, July 2016   ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------ A Cross-Site Scripting vulnerability was found in Store Locator Plus for WordPress. This issue allows an attacker to perform a wide variety of actions, such as stealing Administrators' session tokens, or performing arbitrary actions on their behalf. [...]

 

0

WordPress Welcome Announcement 1.0.5 Cross Site Scripting

##################### # Exploit Title: Wordpress Welcome Announcement Cross Site Scripting # Exploit Author: bl4ck_mohajem # Vendor Homepage: https://wordpress.org/plugins/welcome-announcement/ # Tested On: Windows7 # Software Link: https://downloads.wordpress.org/plugin/welcome-announcement.1.0.5.zip # Version: 1.0.5 ###################### # Vulnerable File and Codes: wa_options.php Lines(134-142-161-188-196-204-215-223-234-258-266)   <input class="entry" type="text" size=40 name="wa_opts[cookie_name]" value="<?php echo $wa_opts["cookie_name"]; ?>" /> <input class="entry" type="text" size=40 name='wa_opts[cookie_expiration]'value="<?php echo $wa_opts["cookie_expiration"]; [...]