Published Vulnerabilities

Wed, 20 May

Eisbär SCADA - Persistent Software Vulnerability in Visualization Software

Today, security researchers of the Vulnerability Laboratory team disclosed an application-side vulnerability in the Eisbär SCADA software. EisBär KNX is a modern, affordable software package for the visualization and automation of intelligent buildings or machinery.

The researcher set up a secure environment in our company that was able to execute SCADA-controlled functions from an Android, iOS and Windows mobile device. Due to the implementation, we discovered that the server configuration input poses a common security risk.

Wed, 22 Apr

Researcher discovers Zero-Day Vulnerability in WordPress Plugin of Exploit DB

The young security researcher Paulos Yibleo discovered a remote vulnerability in the Offensive Security Exploit-DB community.

The vulnerability occurred in the blog service of the community. The Offensive Security team installed a WordPress plugin called "wp-rocket". The "wp-rocket" (wp-rocket.me) plugin is well known for insecure programming methodology.

The remotely exploitable security vulnerability was located in the /wp-content/wprocketfolder/inc/front/process.php application file. The process.php file accepts requests with $host-controlled inputs without authorization (pre-auth).
