Posted by Andrey Stoykov on Sep 18
# Exploit Title: Stored XSS in “Edit Profile” – htmlyv2.9.9
# Date: 9/2024
# Exploit Author: Andrey Stoykov
# Version: 2.9.9
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/09/friday-fun-pentest-series-11-stored-xss.html
Stored XSS #1:
Steps to Reproduce:
1. Login as author
2. Browse to “Edit Profile”
3. In “Content” field add payload “><img src=x onerror=alert(1)>
4. Then…
Posted by Andrey Stoykov on Sep 18
# Exploit Title: Stored XSS in “Menu Editor” – htmlyv2.9.9
# Date: 9/2024
# Exploit Author: Andrey Stoykov
# Version: 2.9.9
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/09/friday-fun-pentest-series-10-stored-xss.html
Stored XSS #1:
Steps to Reproduce:
1. Login as admin
2. Browse to “Menu Editor”
3. In “Name” field add payload “><img src=x onerror=alert(1)>
4. In…
Posted by malvuln on Sep 18
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/d1523df44da5fd40df92602b8ded59c8.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln
Threat: Backdoor.Win32.BlackAngel.13
Vulnerability: Unauthenticated Remote Command Execution
Description: The malware listens on TCP port 1850. Third party
adversaries who can reach an infected host can issue commands made
available by the backdoor….
Posted by malvuln on Sep 18
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/cb86af8daa35f6977c80814ec6e40d63.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln
Threat: Backdoor.Win32.CCInvader.10
Vulnerability: Authentication Bypass
Description: The malware runs an FTP server. Third-party adversarys
who can reach infected systems can logon using any username/password
combination. Intruders may then upload…
Posted by malvuln on Sep 18
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/f991c25f1f601cc8d14dca4737415238.txt
Contact: malvuln13 () gmail com
Media: x.com/malvuln
Threat: Backdoor.Win32.Delf.yj
Vulnerability: Information Disclosure
Description: The malware listens on TCP port 8080. Third-party
adversaries who can reach an infected system, can download screen
captures of a victims machine by making a simple…
Security issues were discovered in Chromium which could result
in the execution of arbitrary code, denial of service, or information
disclosure.
Transport for London (TfL) suffers a cybersecurity incident and tells its 30,000 staff they will all have to their identities verified… in-person. Who might have been behind the attack and why? Meanwhile, Donald Trump’s curious relationship with cryptocurrency is explored.
All this and Demi Moore is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– GPU drivers;
– Modular ISDN driver;
– MMC subsystem;
– SCSI drivers;
– F2FS file system;
– GFS2 file system;
– Netfilter;
– RxRPC session sockets;
– Integrity Measurement Architecture(IMA) framework;
(CVE-2021-47188, CVE-2024-27012, CVE-2024-42228, CVE-2022-48791,
CVE-2024-39494, CVE-2022-48863, CVE-2024-26787, CVE-2024-42160,
CVE-2024-38570, CVE-2024-26677)
chromium-129.0.6668.58-1.fc39
update to 129.0.6668.58
* High CVE-2024-8904: Type Confusion in V8
* Medium CVE-2024-8905: Inappropriate implementation in V8
* Medium CVE-2024-8906: Incorrect security UI in Downloads
* Medium CVE-2024-8907: Insufficient data validation in Omnibox
* Low CVE-2024-8908: Inappropriate implementation in Autofill
* Low CVE-2024-8909: Inappropriate implementation in UI
