Command Execution Vulnerability in WordPress Affecting all Versions (August 13th, 2005): A command execution vulnerability has been found in WordPress's handling of incoming cookie information which allows remote attackers to cause the program to execute arbitrary code if the PHP setting register_globals has been set to On. A Perl and a PHP exploit are already available.
Recommended Firefox Extension - Flash Block (April 16th, 2006): The most annoying thing about the web these days is the prevalence of Macromedia Flash based eye candy and advertisements. Not only are they an irritating visual distraction (in most cases), they also consume way too much CPU.
Microsoft Internet Explorer Bug Allows Hackers To Read Your Email, Website Credentials & Remote Code Execution (June 29th, 2006): Fresh security problems have been found in Microsoft Internet Explorer that can allow attackers to take over a system or read private information from other Web sites. One of the bugs also affects Firefox.
PHP XMLRPC Remote Code Execution Vulnerability affecting Popular Blogging and CMS Platforms like WordPress 1.5.1.2 (and lower), PostNuke, Drupal, b2evolution, TikiWiki etc. (July 5th, 2005): PHPXMLRPC, aka XML-RPC For PHP, is a PHP implementation of the XML-RPC web RPC protocol, and was originally developed by Edd Dumbill of Useful Information Company. As of the 1.0 stable release, the project has been opened to wider involvement and moved to SourceForge.
Microsoft PowerPoint Suffers From Memory Corruption Security Vulnerability (July 18th, 2006): Naveed has discovered a vulnerability in Microsoft PowerPoint, which potentially can be exploited to compromise any user's system. The vulnerability has been confirmed on Windows XP SP2 with a fully patched PowerPoint 2003.
Cross-Site Scripting Vulnerability in Apache mod_imap Module (December 16th, 2005): A cross-site scripting (XSS) vulnerability has been discovered in the Apache httpd server's mod_imap module which allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps. Input passed to the image map "Referer" directive in "mod_imap" isn't properly sanitised before being returned to the user.
Serious Security Vulnerabilities of WordPress 1.5.1.2 and below (July 5th, 2005): WordPress is a very popular personal publishing platform aka blogging platform (with a primitive CMS) in use all over the web. There are a number of serious security vulnerabilities in WordPress that may allow an attacker to ultimately run arbitrary code on the vulnerable system.
Xoops CMS SQL Injection Vulnerability Reported (June 29th, 2006): KeyCoder has discovered a vulnerability in the MyAds module for Xoops, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "lid" parameter in annonces-p-f.php isn't properly sanitised before being used in a SQL query.
iPhone Hacking: Security Vulnerability Allows Full Remote Control From Malicious Web Sites (July 24th, 2007): Security researchers Charlie Miller, Jake Honoroff & Joshua Mason claimed and then demonstrated a proof-of-concept vulnerability in the iPhone which can be used by any website to inject code into the iPhone, allowing full remote control of your iPhone over the internet. The hackers can do everything you can do with your iPhone remotely.
Mambo / Joomla SQL Injection Vulnerability (June 19th, 2006): rgod has discovered a vulnerability in Mambo & Joomla, which can be exploited to conduct SQL injection attacks. Input passed to the "Name" field when submitting a web link isn't properly sanitised before being used in a SQL query.
Linux Worm Exploits PHP XMLRPC Vulnerability (November 9th, 2005): There are a few reports of an attack by a new Linux worm called Lupper which exploits a well-known PHP XMLRPC implementation vulnerability. The PHP XMLRPC implementation is used in a large number of popular web applications such as PostNuke, Drupal, b2evolution, Xoops, PHPGroupWare, TikiWiki etc.
Adobe CEO Shantanu Narayen says Omniture integration may be easier than that of Macromedia (September 15th, 2009): On the Call: Adobe CEO Shantanu Narayen. NEW YORK — Adobe Systems Inc. is planning to buy Omniture Inc., a Web analytic software company, for about $1.8 billion.
How To Hijack a MacBook in 60 Seconds or Less (August 7th, 2006): Watch the video presentation by Jon "Johnny Cache" Ellch and David Maynor at the Black Hat USA 2006 conference in Las Vegas on a new method for remotely (using wireless) circumventing the security of an Apple MacBook computer to seize total control over the machine.
Adobe Introducing Latest Version of Flash Software for any SmartPhone Around the World, but Apple iPhone! (February 16th, 2009): According to the latest news, Adobe is going to introduce a new version of its Flash software that runs not only on computers but also on the latest high-end mobile phones. That means Adobe plans to bring a full PC version of its Flash video player to smartphones next year.
6 Ruby on Rails Video Tutorials (August 6th, 2008): The tutorials are an intensive one-day overview of the fundamental concepts of the Ruby on Rails Web programming framework, presented by the UC Berkeley RAD Lab. The tutorials consist of six sections of approximately one hour each.