Archive for the ‘Cross site scripting’ Category
A cybersecurity researcher today disclosed technical details of multiple high severity vulnerabilities he discovered in WhatsApp, which, if exploited, could have allowed remote attackers to compromise the security of billions of users in different ways.
When combined together, the reported issues could have even enabled hackers to remotely steal files from the Windows or Mac computer of a
Drupal, the popular open-source content management system, has released security updates to address multiple "moderately critical" vulnerabilities in Drupal Core that could allow remote attackers to compromise the security of hundreds of thousands of websites.
According to the advisories published today by the Drupal developers, all security vulnerabilities Drupal patched this month reside in
Posted in Cross site scripting, cybersecurity, Drupal, Drupal hacking, hacking news, JQuery, php security, remote code execution, Vulnerability, website security | Comments (0)
A security researcher has discovered a severe vulnerability in the popular, open source event-driven platform StackStorm that could allow remote attackers to trick developers into unknowingly execute arbitrary commands on targeted services.
StackStorm, aka "IFTTT for Ops," is a powerful event-driven automation tool for integration and automation across services and tools that allows
Posted in application security, cross site origin request, Cross site scripting, hacking news, StackStorm, Web Application Security, XSS vulnerability | Comments (0)
A team of cybersecurity researchers from the University of New Haven yesterday released a video demonstrating how vulnerabilities that most programmers often underestimate could have allowed hackers to evade privacy and security of your virtual reality experience as well as the real world.
According to the researchers—Ibrahim Baggili, Peter Casey and Martin Vondráček—the underlying
Posted in Bigscreen VR, Cross site scripting, hacking news, VR apps, vr experience, vr headset, Vulnerability | Comments (0)
A security researcher has discovered multiple one-click client-side vulnerabilities in the some of the world's most popular and widely-used web hosting companies that could have put millions of their customers as well as billions of their sites' visitors at risk of hacking.
Independent researcher and bug-hunter Paulos Yibelo, who shared his new research with The Hacker News, discovered roughly
Posted in best web hosting, cheap web hosting, Cloud hosting, Cross site scripting, Dedicated Hosting, free web hosting, hosting services, Vulnerability, Web Application Vulnerability, Web hosting service | Comments (0)
IBM fixed a cross-site scripting vulnerability in its Worklight and MobileFirst products that could have let an attacker steal sensitive information.
Posted in Cross site scripting, Emaze Networks, Gabriele Gristina, IBM, MobileFirst, vulnerabilities, Worklight, XSS | Comments (0)
While Windows users are currently in fear of getting their systems hijacked by the WannaCry ransomware outbreak, Apple users are sitting relaxed, thinking that malware attacks are something that happens to Windows users, and not Apple.
But you are mistaken – Apple products are also not immune to the hack attacks and malware infections, as an ebook can hack your Mac, iPhone, and iPad.
Posted in apple security, Apple TV, Cross site scripting, hacking news, iOS Update, ipad hacking, iPhone Security, remote code execution, Security patch Update, update iphone, Vulnerability | Comments (0)
Five vulnerabilities exist in Siemens RUGGEDCOM gear; the vendor has made a number of workarounds available, but it’s unknown whether patches will be made available.
Posted in critical infrastructure, Cross site scripting, file upload vulnerability, harsh environments, Input validation, Maxim Rupp, path traversal, RuggedCom, server misconfiguration, Siemens, vulnerabilities | Comments (0)
Researchers at SEC Consult disclosed a command injection vulnerability in Ubiquiti Networks gear for ISPs after a private disclosure to the vendor in November went unresolved.
Posted in command injection vulnerability, Cross site scripting, Cross-site request forgery, ISP gear, networking gear, PHP, SEC Consult Vulnerability Lab, Ubiquiti Networks, vulnerabilities | Comments (0)