Security Device

Peace Of Mind

Joomla Plugin Exploit + PHP Malware

| November 29, 2011

Blog: http://security-obscurity.blogspot.com Garden Store has a vulnerable version (1.1.7) of VirtueMart (a Joomla plugin), and through a blind SQL injection we can retrieve administrator credentials. We edit the main template and place in the footer tag a simple piece of properly obfuscated code to get users' credit card data. – VirtueMart exploit found by TecR0c & [...]

WordPress TimThumb Exploit (Remote Code Execution)

| November 25, 2011

Blog: http://security-obscurity.blogspot.com A lot of WordPress themes use the TimThumb script to resize images. From version 1.15 to 1.33, TimThumb allows external domains such as flickr.com to display remote images on your website. More detailed information here: – http://goo.gl/ZbHC0 – http://goo.gl/DOWo8 TimThumb version used: http://goo.gl/6Z9pO Vulnerable WordPress theme: http://goo.gl/KZfOO List of vulnerable WordPress themes: http://goo.gl/KR8xT [...]

Linux Hacked – September 2011

| September 18, 2011

Just a month after kernel.org – the nerve centre of Linux kernel development – fell victim to a malware attack, the Penguinista community is reeling from another bout of security breaches. “Linux Foundation infrastructure including LinuxFoundation.org, Linux.com and their subdomains are down for maintenance due to a security breach that was discovered on September 8, [...]