Archives for 


vBulletin 4.1.x and 5.x.x 0day Exploit released by 1337 Hacker

vbulletin exploit VBulletin - a popular CMS for online forum is being exploited widely by various hackers. vBulletin team released announcements about a possible exploit in versions 4.1+ and 5+ of vBulletin. The announcement read: “A potential exploit vector has been found in the vBulletin 4.1+ and 5+ installation directories. Our developers are investigating this issue at this […] Continue reading →

Mozilla patches Firefox,Thunderbird,SeaMonkey Same Origin Policy Security Bypass Vulnerability

Mozilla-firefox-thunderbird-seamonkey vulnrability   Mozilla has patched a security bypass vulnerability in its products that could allow an attacker to access restricted data or execute arbitrary script code in the user browser. The vulnerable products are Mozilla Firefox, SeaMonkey, and Thunderbird. According to security advisory release (CVE-2013-1713 ), Attackers can exploit this issue to bypass the same-origin policy and certain […] Continue reading →

VMware patches a root privilege escalation flaw in linux-based host machines

VMware-Patches-Vulnerability VMware has fixed a privilege-escalation flaw in two of its major products VMware Workstation and VMware Player. The vulnerability  could allow an attacker to gain root privileges on a linux based host machine. According to the VMware security advisory release (CVE-2013-1662), “VMware Workstation and Player contain a vulnerability in the handling of the vmware-mount command. A […] Continue reading →

Facebook privacy bug allowed Palestinian Researcher post vulnerability details on Zuckerberg wall

facebook bug exploit zuckerberg Khalil Shreateh - A Palestinian web developer and information system expert found a facebook vulnerability that allow any one to post on someone’s wall without any permission. Facebook Security team failed to recognize the critical bug which prompted Khalil to post vulnerability details on Mark Zuckerberg (Facebook CEO) wall successfully as a proof of concept. The […] Continue reading →

Multiple SQL Injection Vulnerabilities on Web Cookbook found by Security Researcher

vulnerability An Independent Pakistani Security Researcher Saadat Ullah found Multiple SQL Injection Vulnerabilities on Web Cookbook. Security Researcher also found SQL Injection and XSS vulnerabilities on nconf-1.3, Plogger Gallery and on Mybb Plugin PRO STAT. Vulnerabilities details are given below: # Exploit Title: Web Cookbook Multiple SQL Injection # Date: 2013/3/12 # Exploit Author: Saadat Ullah , [email protected] […] Continue reading →

FileHippo Vulnerable to XSS flaw found by Security researcher

A Pakistani Security Researcher Ali Hasan Ghauri - founder of AHPT has discovered XSS Vulnerability on main site. Vulnerability still exists Security Researcher told The Hackers Post that In December 2012, the Filehippo entire domain was vulnerable and reported XSS flaw to Filehippo team but did not get any response from the company, so i decided […] Continue reading →

RIM Fixes Remote Code Execution Flaws in BlackBerry

blackberry BSRT-2013-003 advisory released for Vulnerabilities in BlackBerry Enterprise Server components that process images could allow remote code execution. In order to address the issues, RIM has released BlackBerry Enterprise Server 5.0.4 MR2, according to Blackberry. According to the advisory published by the company, the security holes affect the components that process TIFF images for rendering […] Continue reading →