It’s possible for a malicious user to reset the admin password on the latest version of WordPress, 2.8.3. Check out the explanation here, the patch here and the exploit here.
WordPress fixes the latest security problems; download it now.
Ref. [DSF-03-2009] – IXXO Cart! Standalone and Joomla Component SQL Injection
Vendor: IXXO Internet Solutions
Status: Patched by vendor
IXXO Cart!
IXXO Cart is an extremely powerful PHP shopping cart and web site builder application. Designed from a marketing perspective, this ecommerce application is feature-packed, robust, scalable and easy to use. IXXO Cart Plus is the clear choice for [...]
Great combination of techniques published by SecureThoughts.
WordPress 2.8.2 is out and patches some XSS problems in comments in the admin section.
A very good and self-explanatory article that covers 10 points on the truth about pen-testing, written by Alberto Soliño. Check it out here.
anti-sec is again the group everyone is talking about. They hacked ImageShack and promoted their anti-full-disclosure policy. Great discussion at Slashdot about this.
A WordPress update is out; download it here.
After str0ke announced that milw0rm will be closed, it seems that a couple of guys will continue his work. Hope they continue the great job str0ke did in the last years of milw0rm's existence.
Michael Jackson death malware is already spreading according to the latest news.