Vulnerabilities – Page 15 – RealinfoSec.Net

cpanel

InfoSec News Vulnerabilities

2-Factor Authentication Bypass Flaw Reported in cPanel and WHM Software

26 November 20201 January 2022 RiSec.n0tst3 0 Comments Cpanel Bypass, exploit-db, SEC-575

About
Latest Posts

Connect

Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

cPanel, a provider of popular administrative tools to manage web hosting, has patched a security vulnerability that could have allowed

Vulnerabilities

SyncBreeze 10.0.28 – (password) Remote Buffer Overflow Exploit

25 November 20201 January 2022 RiSec.Mitch 0 Comments buffer overflow

About
Latest Posts

Just your average information security researcher from Delaware US.

Latest posts by RiSec.Mitch (see all)

An Essential Guide to Understanding, Reporting, and Combatting Digital Threats - 28 May 2023
Busting the Myths: NCSC and ICO Expose the Truth About Incident Reporting - 11 May 2023
PHP vs Ruby vs Python vs Go: Comparing Popular Programming Languages for Web Development - 31 March 2023

CVE: N/A Platform: Multiple / Win / WebAPPS Date: 25-11-2020

Vulnerabilities

osCommerce 2.3.4.1 – ‘title’ Persistent Cross-Site Scripting

25 November 202025 November 2020 RiSec.Mitch 0 Comments cross-site scripting, exploit-db, osCommerce 2.3

About
Latest Posts

Just your average information security researcher from Delaware US.

Latest posts by RiSec.Mitch (see all)

An Essential Guide to Understanding, Reporting, and Combatting Digital Threats - 28 May 2023
Busting the Myths: NCSC and ICO Expose the Truth About Incident Reporting - 11 May 2023
PHP vs Ruby vs Python vs Go: Comparing Popular Programming Languages for Web Development - 31 March 2023

CVE: N/A Platform: PHP Date: 2020-11-25

Vulnerabilities

nopCommerce Store 4.30 – ‘name’ Stored Cross-Site Scripting

24 November 202025 November 2020 RiSec.n0tst3 0 Comments cross-site scripting, CSS vuln, exploit-db, nopCommerce store, xss

About
Latest Posts

Connect

Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

CVE: N/A Platform: Multiple Date: 2020-11-24

InfoSec News Vulnerabilities

Apache OpenMeetings 5.0.0 – ‘hostname’ Denial of Service

24 November 202025 November 2020 RiSec.n0tst3 0 Comments Apache Open Meetings, DOS vuln, exploit-db, OpenMeetings 5

About
Latest Posts

Connect

Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

CVE: 2020-13951 Platform: Multiple Date: 2020-11-24

InfoSec News Vulnerabilities

ZeroShell 3.9.0 – ‘cgi-bin/kerbynet’ Remote Root Command Injection

24 November 202025 November 2020 RiSec.n0tst3 0 Comments Command Injection, exploit, exploit-db, Remote Root, ZeroShell 3.9.0

About
Latest Posts

Connect

Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

CVE: 2019-12725 Platform: LINUX Date: 2020-11-24

download 1

Vulnerabilities

Netsuveillancewebcookie Web interface password change

22 November 202013 February 2022 RiSec.n0tst3 0 Comments NetSurveillance, password change, php, vuln

About
Latest Posts

Connect

Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

OpenSourceCMS100article

Vulnerabilities

WonderCMS 3.1.3 – ‘content’ Persistent Cross-Site Scripting

21 November 2020 RiSec.n0tst3 0 Comments cross-site scripting, css, exploit, poc, WonderCMS

About
Latest Posts

Connect

Hello! I'm Steve, an independent security researcher, and analyst from Scotland, UK.

I've had an avid interest in Computers, Technology and Security since my early teens. 20 years on, and, it's a whole lot more complicated...

I've assisted Governments, Individuals and Organizations throughout the world. Including; US DOJ, NHS UK, GOV UK.

I'll often reblog infosec-related articles that I find interesting. On the RiSec website, You'll also find a variety of write-ups, tutorials and much more!

Connect

Latest posts by RiSec.n0tst3 (see all)

Making Sense Of The Chinese Attack On US Critical Infrastructure - 30 May 2023
The Vital Importance of Regulations, Guidance, and Best Practices for Application Security - 24 May 2023
Implementing a Vulnerability Disclosure Policy: A Definitive Guide [NCSC Toolkit V2 – Deep Dive] - 22 May 2023

unnamed 1

Vulnerabilities

Boxoft Convert Master 1.3.0 – ‘wav’ SEH Local Exploit

21 November 20201 January 2022 RiSec.Mitch 0 Comments convert master 1.3.0, SEH local exploit

About
Latest Posts

Just your average information security researcher from Delaware US.

Latest posts by RiSec.Mitch (see all)

An Essential Guide to Understanding, Reporting, and Combatting Digital Threats - 28 May 2023
Busting the Myths: NCSC and ICO Expose the Truth About Incident Reporting - 11 May 2023
PHP vs Ruby vs Python vs Go: Comparing Popular Programming Languages for Web Development - 31 March 2023

unnamed

Vulnerabilities

Free MP3 CD Ripper 2.8 – Multiple File Buffer Overflow (Metasploit)

21 November 202021 November 2020 RiSec.Mitch 0 Comments CD ripper 2.8, File buffer exploit, free mp3, overflow

About
Latest Posts

Just your average information security researcher from Delaware US.

Latest posts by RiSec.Mitch (see all)

An Essential Guide to Understanding, Reporting, and Combatting Digital Threats - 28 May 2023
Busting the Myths: NCSC and ICO Expose the Truth About Incident Reporting - 11 May 2023
PHP vs Ruby vs Python vs Go: Comparing Popular Programming Languages for Web Development - 31 March 2023