Stored XSS leads to account takeover in Flarum
Reading Time: 2 minutesCyStack Advisory ID CSA-2022-01 CVE IDs CVE-2022-41938 Severity Critical CVSS v3 Base 9.0 Synopsis CyStack’s researchers recently discovered a Stored XSS vulnerability in the Flarum platform version 1.5.0 to 1.6.1 which can lead to an account takeover attack. Flarum is a widely used simple and open-source forum platform. At the time of this post, we […]
Reading Time: 3 minutesCyStack Advisory ID CSA-2021-01 CVE IDs CVE-2021-44832 Severity Critical CVSS v3 Base 10.0 Synopsis Cyclos is a payment software created for banks, barters, remittances, and innovative currency systems. Cyclos is used by more than 1500 payment systems worldwide. CyStack recently found that Cyclos versions prior to 4.14.15 are vulnerable to the remote code execution vulnerability. […]
Reading Time: 4 minutesKernel rootkit is considered the most dangerous malware that may infect computers. Operating at ring 0, the highest privilege level in the system, this super malware has unrestricted power to control the whole machine, thus can defeat all the defensive and monitoring mechanisms. Unfortunately, dynamic analysis solutions for kernel rootkits are severely lacking; indeed, most […]
Reading Time: 4 minutesCyStack Advisory ID CSA-2019-04 CVE IDs CVE-2019-19307 Severity Critical CVSS v3 Base 9.8 Synopsis CyStack Security discovered an integer overflow vulnerability in the implementation of MQTT protocol in the Cesanta Mongoose Library version 6.16. By exploiting the vulnerability, a remote, unauthenticated attacker can perform a DoS attack to broker server with an infinite loop or […]
Reading Time: 3 minutesCyStack Advisory ID CSA-2019-03 CVE IDs CVE-2019-16057 Severity Critical CVSS v2 Base 10.0 Vendor’s announcement Link Synopsis CyStack Security discovered a remote code execution vulnerability in the D-Link DNS-320 ShareCenter device which its version is lower or equal 2.05.B10 . By exploiting the vulnerability, a remote, unauthenticated attacker can access to all application commands with […]
Reading Time: 2 minutesCyStack Advisory ID CSA-2019-02 CVE IDs CVE-2019-13488, CVE-2019-13489 Severity Medium Trape is an OSINT analysis and research tool, which allows people to track and execute intelligent social engineering attacks in real time. It is a quite popular project, with 4k stars on Github, and a presentation at Black Hat Asia 2018. Recently, I have discovered […]
Reading Time: 2 minutesSummary HackerRank is a technical hiring platform that helps businesses evaluate software developers based on skill. I found several its website can be attacked to read arbitrary files. Details Most websites of Hackerrank use Ruby on Rails (RoR) as their backend. Unfortunately, its recent versions are vulnerable to a file content disclosure vulnerability (CVE-2019-5418). By […]