Latest Post
IXXO Cart! Standalone and Joomla Component SQL Injection
Ref. [DSF-03-2009] – IXXO Cart! Standalone and Joomla Component SQL Injection Vendor: IXXO Internet Solutions Status: Patched by vendor IXXO Cart! IXXO Cart is an extremely powerful php shopping cart and web site builder application. Designed from a marketing perspective, this ecommerce application is feature-packed, robust, scalable and easy to use. IXXO Cart Plus is the clear choice for [...]
Featured Post
I present to you, RMS – Remote Malware Scanner. What is it? It’s a online tool that scans for possible malicious content inside the source code of a specific web page. It might give you false results, specially because it searches for .js files, iframes, etc… but also for specific and existent malware code. You can check [...]
Asides
- It's possible for a malicious user reset admin password on latest version Wordpress 2.8.3. Check out explanation here, patch here and exploit here. #
- Wordpress fixes latest security problems, download it now. #
- Great combination of techinques published by SecureThoughts. #
- Wordpress 2.8.2 is out and covers/patches some XSS problems in comments at admin section. #
- A very good and self explanatory article that covers 10 points on the truth about pen-testing, written by Alberto Soliño. Check it out here. #
- anti-sec again is the group who everyone is talking. They hacked imageshack and promote their anti full-disclosure policy. Great discussion at Slashdot about this. #
- Wordpress update is out, download here. #
- After str0ke announce that milw0rm will be closed, it seems that a couple of guys will continue his work. Hope they continue the great job str0ke made in the last years of milw0rm existence. #
- Michael Jackson death malware is already spreading according to the latest news. #
- Mozilla security program manager Brandon Sterne just published an article about a feature Mozilla is working on - Content Security Policy. This feature will allow to protect against XSS, clickjacking and other attacks. Just a must read. #
Welcome to David Sopas
A place where a user can read the latest articles on web security and keep in touch with my latest advisories. Be the first to receive the latest updates by signing up my RSS .
Recent Posts
Categories
Recent Comments