[webapps] orangescrum 1.8.0 – Privilege escalation (Authenticated)
orangescrum 1.8.0 – Privilege escalation (Authenticated)
DetectionLabELK – A Fork From DetectionLab With ELK Stack Instead Of Splunk
DetectionLabELK is a fork from Chris Long’s DetectionLab with ELK stack instead of Splunk.Description: DetectionLabELK is the perfect lab to use if you would like to build effective detection capabilities. It has been designed with defenders in mind. …
Git Signing commits in a private repo
Linus mentioned in 2009 that "Signing each commit is totally stupid".
Has the common view evolved on this subject since then ? Doesn’t it protect against someone usurping your identity to commit something into your git repo ?
Tha…
[webapps] Bagisto 1.3.3 – Client-Side Template Injection
Bagisto 1.3.3 – Client-Side Template Injection
Windows Defender Exclusions
If a virus added itself to windows defender exclusions, it will never be scanned.
However would windows defender still remove its startup registry keys and scheduled tasks?
Windows defender is the only antivirus allowing exclusions to be a…
[webapps] CMSimple 5.4 – Local file inclusion (LFI) to Remote code execution (RCE) (Authenticated)
CMSimple 5.4 – Local file inclusion (LFI) to Remote code execution (RCE) (Authenticated)
[local] HTTPDebuggerPro 9.11 – Unquoted Service Path
HTTPDebuggerPro 9.11 – Unquoted Service Path
[local] Linux Kernel 5.1.x – ‘PTRACE_TRACEME’ pkexec Local Privilege Escalation (2)
Linux Kernel 5.1.x – ‘PTRACE_TRACEME’ pkexec Local Privilege Escalation (2)