Archive for the ‘php security’ Category
If you're using the popular rConfig network configuration management utility to protect and manage your network devices, here we have an important and urgent warning for you.
A cybersecurity researcher has recently published details and proof-of-concept exploits for two unpatched, critical remote code execution vulnerabilities in the rConfig utility, at least one of which could allow
Posted in cyber security, Network Device Management, network security, networking, php security, rConfig, remote code execution, Zero-Day Vulnerability | Comments (0)
If you're running any PHP based website on NGINX server and have PHP-FPM feature enabled for better performance, then beware of a newly disclosed vulnerability that could allow unauthorized attackers to hack your website server remotely.
The vulnerability, tracked as CVE-2019-11043, affects websites with certain configurations of PHP-FPM that is reportedly not uncommon in the wild and could
Posted in hacking web server, hosting web server, Nginx, php 7, php security, PHP Vulnerability, PHP-FPM, Vulnerability, website security | Comments (0)
Hackers have been found exploiting a pair of critical security vulnerabilities in one of the popular social media sharing plugins to take control over WordPress websites that are still running a vulnerable version of the plugin.
The vulnerable plugin in question is Social Warfare which is a popular and widely deployed WordPress plugin with more than 900,000 downloads. It is used to add social
Posted in cyber security, hack wordpress, hacking news, php security, remote code execution, website security, WordPress, Wordpress hacking, Wordpress Security | Comments (0)
Drupal, the popular open-source content management system, has released security updates to address multiple "moderately critical" vulnerabilities in Drupal Core that could allow remote attackers to compromise the security of hundreds of thousands of websites.
According to the advisories published today by the Drupal developers, all security vulnerabilities Drupal patched this month reside in
Posted in Cross site scripting, cybersecurity, Drupal, Drupal hacking, hacking news, JQuery, php security, remote code execution, Vulnerability, website security | Comments (0)
A critical vulnerability has been discovered in PHPMailer, which is one of the most popular open source PHP libraries to send emails used by more than 9 Million users worldwide.
Millions of PHP websites and popular open source web applications, including WordPress, Drupal, 1CRM, SugarCRM, Yii, and Joomla comes with PHPMailer library for sending emails using a variety of methods, including
Posted in hacking news, php backdoor, PHP script, php security, phpmailer, remote code execution, Vulnerability, website hacking, website security | Comments (0)
Open source webmail provider Roundcube was patched against a vulnerability that could be trivially exploited to run code on servers or access email accounts.
Posted in code execution, command execution, email security, Hendrik Buchwald, input sanitation, Input validation, Open Source Security, PHP fifth parameter, php security, RIPS Technologies, Roundcube, vulnerabilities, Vulnerability, Web Security | Comments (0)
Cyber attacks get bigger, smarter, more damaging.
P*rnHub launched its bug bounty program two months ago to encourage hackers and bug bounty hunters to find and responsibly report flaws in its services and get rewarded.
Now, it turns out that the world’s most popular p*rn*graphy site has paid its first bounty payout. But how much?
<!– adsense –>
Yes, P*rnHub has paid $20,000
Posted in Bug Bounty Program, hacking news, php backdoor, PHP script, php security, remote code execution, website hacking, zero-day exploit | Comments (0)
A new research showed that Scripting languages, in general, give birth to more security vulnerabilities in web applications, which raised concerns over potential security bugs in millions of websites.
The app security firm Veracode has released its State of Software Security: Focus on Application Development report (PDF), analyzing more than 200,000 separate applications from October 1,
Posted in computer programming, hacking news, Java, php security, programming language, security news, Vulnerability, Zero-Day Vulnerability | Comments (0)