[remote] RoyalTSX 6.0.1 – RTSZ File Handling Heap Memory Corruption PoC
RoyalTSX 6.0.1 – RTSZ File Handling Heap Memory Corruption PoC
[webapps] GoAhead Web Server 2.5 – ‘goform/formTest’ Multiple HTML Injection Vulnerabilities
GoAhead Web Server 2.5 – ‘goform/formTest’ Multiple HTML Injection Vulnerabilities
How is issuing a certificate revocation response different from re-issuing the certificate itself?
I am reading about how certificates work in the context of X.509, SSL/TLS/HTTPS. According to Wikipedia, the client (e.g. a browser) is supposed to check the revocation status for each non-root certificate as a part of certification path v…
Criteria for Common Name of Certificate Authority and how it affects SSL certificates
It is not clear to me how the Common Name affects a certificate authority and the certificates that are ultimately created. For example, I have this simple script that creates some files for a certificate authority auto-generated/ca.* and…
CVE-2024-0366 | Starbox Plugin up to 3.4.7 on WordPress resource injection
A vulnerability was found in Starbox Plugin up to 3.4.7 on WordPress. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to improper control of resource identifiers.
This vulnerability was named CVE-20…
CVE-2024-1069 | Contact Form Entries Plugin up to 1.3.2 on WordPress unrestricted upload
A vulnerability was found in Contact Form Entries Plugin up to 1.3.2 on WordPress. It has been classified as problematic. This affects an unknown part. The manipulation leads to unrestricted upload.
This vulnerability is uniquely identified as CVE-202…
CVE-2024-24567 | Vyper raw_call value Privilege Escalation
A vulnerability was found in Vyper and classified as problematic. Affected by this issue is the function raw_call. The manipulation of the argument value leads to Privilege Escalation.
This vulnerability is handled as CVE-2024-24567. The attack can on…
CVE-2024-0791 | WOLF Plugin up to 1.0.8.1 on WordPress authorization
A vulnerability has been found in WOLF Plugin up to 1.0.8.1 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to missing authorization.
This vulnerability is known as CVE-2024-0…