Aggregator

A vulnerability, which was classified as critical, has been found in QEMU on Windows. Affected by this issue is some unknown functionality of the component Guest Agent Service. The manipulation leads to execution with unnecessary privileges. This vulnerability is handled as CVE-2023-0664. Local access is required to approach this attack. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in squidex up to 7.3.x. It has been classified as problematic. This affects an unknown part. The manipulation leads to improper handling of additional special element. This vulnerability is uniquely identified as CVE-2023-0643. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in squidex up to 7.3.x. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. This vulnerability was named CVE-2023-0642. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Hackers have started to exploit a critical remote code execution vulnerability in Wing FTP Server just one day after technical details on the flaw became public. [...]

本周二是今年至今最短的一天。根据 U.S. Naval Observatory and the International Earth Rotation and Reference Systems Service 的数据，周二的自转时间比标准的 24 小时短 1.34 毫秒。地球自转受到了地核运动、大气变化和月球位置等因素的影响。地球最近几年的自转都比通常更快，自转一周的时间经常短于 24 小时。未来几周或几个月可能会出现更多类似的情况。但从千万年的时间跨度上看，地球一天的时间长度并没有变短，而是在变长，比如霸王龙生活的 7000 万年前，一天的时间长度只有 23.5 小时。

A vulnerability classified as critical has been found in code-projects Simple Car Rental System 1.0. This affects an unknown part of the file /pay.php. The manipulation of the argument mpesa leads to sql injection. This vulnerability is uniquely identified as CVE-2025-7475. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Modern Bag 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/login-back.php. The manipulation of the argument user-name leads to sql injection. This vulnerability is known as CVE-2025-7471. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Job Diary 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search.php. The manipulation of the argument Search leads to sql injection. This vulnerability is handled as CVE-2025-7474. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in BoldGrid Total Upkeep Plugin up to 1.14.9 on WordPress. Affected by this issue is some unknown functionality of the file env-info.php of the component Back-Up File Handler. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2020-36848. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in AIT CSV Import Export Plugin up to 3.0.3 on WordPress and classified as critical. This vulnerability affects unknown code. The manipulation leads to unrestricted upload. This vulnerability was named CVE-2020-36849. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Modern Events Calendar Lite Plugin up to 6.3.0 on WordPress. It has been classified as critical. Affected is the function wp_ajax_mec_load_single_page. The manipulation of the argument ID leads to sql injection. This vulnerability is traded as CVE-2021-4458. It is possible to launch the attack remotely. There is no exploit available.

文章介绍如何利用Docker构建便携、可重复且定制化的黑客实验室，解决工具依赖冲突、系统更新导致损坏及虚拟机启动慢等问题。通过容器化工具实现快速部署和跨机器使用。

文章介绍了Active Directory渗透测试的常用工具及其功能示例,包括Pypy、Kerbrute、BloodHound等,帮助防御者发现潜在漏洞,并提供了最佳实践建议以增强AD安全性。

作者在深夜使用Burp Suite发现了一个CORS配置错误，尽管初步看起来可能严重，但实际影响较低。通过手动添加自定义Origin头并测试API响应，确认了CORS配置允许跨域请求并支持凭证。然而，经过进一步调查发现暴露的数据均为公共信息（如产品数据和博客内容），并无敏感数据或用户特定信息。最终报告中详细说明了问题，并获得团队快速修复和认可。

文章介绍了一种经典的Windows权限提升技术——未加引号的服务路径。攻击者可利用此漏洞通过创建恶意文件，在服务启动时获取SYSTEM权限。检测方法包括使用`sc qc`和`icacls`检查服务路径及写入权限。修复建议包括为服务路径添加引号、限制服务运行权限及审计文件夹权限。

Offensive X 2025在希腊雅典举办，汇聚安全专家、研究人员和爱好者，提供技术演讲、实操培训、CTF比赛和黑客村活动。赞助商参与并支持社区发展，强调多样性和包容性。

本文探讨了`SameSite` cookie属性（包括`Strict`、`Lax`、`None`及未设置的情况）在跨站请求中的行为差异及其对网站安全的影响，并通过实际案例分析了不同设置对用户体验和安全性的作用。

深夜利用Maggi进行渗透测试，通过gau、waybackurls等工具组合发现.git仓库漏洞，成功获取源代码和管理员凭证等敏感信息。