Posted by Diego on Jan 17
Hi guys.
I foun’t a new vulnerabiliti in a wordpress plugin called: “Direct Download
for WooCommerce”.
This vulnerability allow you make an Remote LFI download, so, we can
download any in the server where we’re running this plugin, I foun’t this
vulnerability the last week and I reported this to Kameleon but i don’t know
if this bug is partched right now in a new versión.
I’ve been written an exploit to this plugin in Python. This…
Posted by Andraz Sraka on Jan 17
-=[ BSidesLjubljana Event info ]=-=-=-=-=-=-=-=-=-=-=-=-=-=-
BSidesLjubljana – https://bsidesljubljana.si
Date: March 10th, 2017
Venue: Poligon creative centre, Ljubljana, Slovenia, Europe
CFP URL: https://bsidesljubljana.si/cfp/
CFP Submit form: https://goo.gl/forms/QXrdRm68rdJyV1ax2
Email: cfp[at]bsidesljubljana.si
Twitter: @BSidesLjubljana
Twitter hashtag: #BSidesLjubljana
-=[ CALL FOR PAPERS…
A memory corruption vulnerability exists in Adobe Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker could trigger this issue via a specially crafted JPEG file.
A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.
If you want to get the most out of your computer, you need to get the most out of your hard drive, where all your data is stored.
Today hard drives are larger than ever, so it makes sense for you to partition your hard disk to effectively use all of its space and manage all your important information.
Partitioning is also useful if you intend to install and use more than one operating system
Proof of concept exploit for CVE-2016-3074 targeting Ubuntu 15.10 x86-64 with php5-gd and php5-fpm running behind nginx.