I found a self-XSS in the wordpress core the other day, when you manage to succesfully exploit this vulnerability only imagination can stop you from owning the wordpress installation.
More+Back in good old 2008, a researcher at the security firm Outpost24 – Jack C. Louis; found a crucial DoS vulnerability in the fundaments of TCP/IP. In fact, it turned out to be so powerful, that all major operating systems appeared to be vulnerable.
We got a PoC…
More+Over the past days I have been auditing the Pligg CMS, I am not yet through all code and there are still a lot of vulnerabilities but here are 12 things which got my attention. Let’s hope they fix it fast =D The problem of not stopping the execution of a PHP script after a redirect problem #1 vulnerable: versions prior to 1.1.3 result: information disclosure, unwanted execution of server…
More+I just tried to find more security leaks in the firestats plugin, I was specifically searching for remotely exploitable problems. The results are 7 fresh security issues.
More+I found a remotely exploitable reflected cross site scripting vulnerability in the wordpress firestats plugin. There is a small if statement for the GET value fs_javascript in the file /wp-content/plugins/firestats-wordpress.php here…
More+