Videos

Fri
25
Jul
Editorial_Staff_Team's picture

2 Filter Evasion Security Videos released - Barracuda Networks Bug Bounty Program

2 Filter Evasion Security Videos released - Barracuda Networks Bug Bounty Program

In the last 7 days we released 5 new barracuda networks security vulnerabilities in the laboratory infrastructure. The issue has been coordinated disclosed by the vulnerability laboratory in cooperation with the manufacturer barracuda networks. Two of the issues has been recorded during the exploitation phase. Feel free to watch the two security demonstration videos.

Barracuda Networks Firewall Appliance Application - POST to CS GET Exception Handling Vulnerability

Advisory: http://www.vulnerability-lab.com/get_content.php?id=1102

Thu
17
Jul
Editorial_Staff_Team's picture

VL Core Team published Blind SQL Injection Vulnerability with Video PoC to MSRC

Core Team published Blind SQL Injection Vulnerability with Video PoC to MSRC

In january 2014 a critical remote vulnerability has been reported to the microsoft security response center team. The issue has been patched during july by the manufacturer.

The SQL Injection vulnerability was located in the item.asp file. The vulnerable parameter to inject the sql commands is `item_id`. Remote attacker are able to inject own sql commands to the item_id value in the item.asp file GET method request. The issue is a blind injection and the attack type is boolean based.

Pages

Subscribe to RSS - Videos