Automated Logic WebCTRL version 6.5 suffers from an insecure file permission privilege escalation vulnerability.
Source: Automated Logic WebCTRL 6.5 Insecure File Permissions Privilege Escalation
The post Automated Logic WebCTRL 6.5 Insecure File Permi…
Progress Sitefinity version 9.1 suffers from cross site scripting, broken session management, and open redirection vulnerabilities.
Source: Progress Sitefinity 9.1 XSS / Session Management / Open Redirect
The post Progress Sitefinity 9.1 XSS / Session …
RedTeam Pentesting discovered that attackers can configure a proxy host and port to be used when fetching print jobs with WebClientPrint Processor (WCPP). This proxy setting may be distributed via specially crafted websites and is set without any user interaction as soon as the website is accessed. Version 2.0.15.109 is affected. Source: WebClientPrint Processor 2.0.15.109 […]
The post WebClientPrint Processor 2.0.15.109 Unauthorized Proxy Modification appeared first on MondoUnix.
Il 21 agosto è stato annunciata la disponibilità pubblica della nuova versione di Android per i cellulari Pixel e Nexus di Google. Le novità, soprattutto a livello di sistema, sono davvero molte, ma le più evidenti per l’utente saranno … [Visita il sito per leggere tutto l’articolo]
Una nuova release è stata annunciata per Wine, il software OpenSource che permette di emulare sistemi Microsoft Windows in Linux! Nonostante sia la release più … [Visita il sito per leggere tutto l’articolo]
Source: HBO Hackers Threaten To Release Game Of Thrones Finale
The post HBO Hackers Threaten To Release Game Of Thrones Finale appeared first on MondoUnix.
Source: Spyware Backdoor Prompts Google To Pull 500 Apps
The post Spyware Backdoor Prompts Google To Pull 500 Apps appeared first on MondoUnix.
Source: Open AWS S3 Bucket Leaked Hotel Booking Service Data
The post Open AWS S3 Bucket Leaked Hotel Booking Service Data appeared first on MondoUnix.
Source: AccuWeather Caught Sending User Location Data, Even When Location Sharing Is Off
The post AccuWeather Caught Sending User Location Data, Even When Location Sharing Is Off appeared first on MondoUnix.
This Metasploit module will bypass Windows UAC by creating COM handler registry entries in the HKCU hive. When certain high integrity processes are loaded, these registry entries are referenced resulting in the process loading user-controlled DLLs. These DLLs contain the payloads that result in elevated sessions. Registry key modifications are cleaned up after payload invocation. […]
The post Windows Escalate UAC Protection Bypass (Via COM Handler Hijack) appeared first on MondoUnix.
