Application: Cacti
Vendor URL: http://www.cacti.net
Bugs: SQL injection
Author: changzhao.mao (DBAPPSecurity Ltd)
Version affected: 0.8.8f and prior
Introduction
Cacti is a complete frontend to RRDTool, it stores all of the
Many of us have now been long aware of the possibility of programming a USB
device to emulate a keyboard and automatically send keystrokes in order to
perform malicious actions on a computer. Some of the most interesting payloads
that can be used with this technique are based around
Hi @ll,
the executable installers "TrueCrypt Setup 7.1a.exe" and
TrueCrypt-7.2.exe load and execute USP10.dll, RichEd20.dll,
NTMarta.dll and SRClient.dll from their "application directory".
For software downloaded with a web browser the application
directory is typically the user's "Downloads"
-=[ #BSidesLjubljana ]=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Event info:
BSidesLjubljana - https://bsidesljubljana.si
Date: March 9th, 2016
Venue: Poligon creative centre, Ljubljana, Slovenia, Europe
CFP URL: https://bsidesljubljana.si/cfp/
CFP Submit form: http://goo.gl/forms/rzLHcHBHau
Information
Advisory by Netsparker
Name: XSS Vulnerability in OpenCart
Affected Software: OpenCart
Affected Versions: v2.1.0.1 and possibly below
Vendor Homepage: http://www.opencart.com
Vulnerability Type: Cross-site Scripting
Severity: Important
Status: Fixed
CVE-ID:
== Description ==
MobaXTerm (http://www.mobatek.net/), a Windows SSH/RDP/VNC/etc. client, includes
a functionality to open remote sessions via a so-called "jump host" or "SSH
gateway". In the end this creates an "SSH Port Forward" by binding a