Aggregator
CVE-2020-1769 | OTRS Community Edition up to 5.0.41/6.0.26/7.0.15 Login Screen config (DLA 3551-1)
CVE-2020-1770 | OTRS Community Edition up to 5.0.41/6.0.26/7.0.15 Support Bundle insertion of sensitive information into sent data (DLA 2198-1)
CVE-2020-9467 | Piwigo 2.10.1 /ws.php pwgimagessetInfo File Stored cross site scripting (Issue 159191 / EDB-48814)
CVE-2020-1771 | OTRS Community Edition up to 6.0.26/7.0.15 Article Parameter cross site scripting (DLA 3551-1)
CVE-2005-4055 | Cars Portal up to 1.1 index.php sql injection (EDB-26751 / XFDB-23428)
CVE-2015-2470 | Microsoft Office up to Word Viewer numeric error (MS15-081 / EDB-37924)
CVE-2020-1773 | OTRS Community Edition up to 5.0.41/6.0.26/7.0.15 Password Reset entropy (DLA 3551-1)
CVE-2019-19913 | Intland codeBeamer ALM up to 9.5 Tracker Title Stored cross site scripting (ID 156951)
CVE-2020-11106 | Responsive FileManager up to 9.14.0 dialog.php $_SESSION['RF']['view_type'] Stored cross site scripting (Issue 603)
CVE-2020-5255 | Symfony up to 4.4.6 Response Content-Type improper interaction between multiple correctly-behaving entities
CVE-2020-5274 | Symfony up to 4.4.4/5.0.4 Exception information exposure
CVE-2020-5275 | Symfony security-http up to 4.4.6/5.0.6 Rule improper authorization
CVE-2020-5284 | Next.js up to 9.3.1 path traversal (GHSA-fq77-7p7r-83rj)
Locksmith: identify & remediate common misconfigurations in AD Certificate Services
Locksmith: a tiny tool to identify and remediate common misconfigurations in Active Directory Certificate Services. Mode 0 (Default) – Identify Issues and Output to Console: PS> .\Invoke-Locksmith.ps1. Running Invoke-Locksmith.ps1 with no parameters or -Mode 0 will...
The post Locksmith: identify & remediate common misconfigurations in AD Certificate Services appeared first on Penetration Testing Tools.
Ministry of Public Security issues explanatory letter on classified protection (MLPS) work; critical vulnerability disclosed in popular AI development tool | Weekly Special
How to rationalize IDPs (without painful migrations)
For enterprise CIOs, CISOs, and IT leaders, managing multiple identity providers (IDPs) is a costly, complex, and security-intensive challenge. Whether due to M&A activities, multi-cloud strategies, or regulatory requirements, fragmented identity ecosystems drive up expenses, increase security risks, and hinder operational efficiency. Why organizations run multiple identity providers: Large enterprises often run multiple Identity Providers...
The post How to rationalize IDPs (without painful migrations) appeared first on Strata.io.
The post How to rationalize IDPs (without painful migrations) appeared first on Security Boulevard.
LEAF: Linux Evidence Acquisition Framework
Linux Evidence Acquisition Framework (LEAF) acquires artifacts and evidence from Linux EXT4 systems, accepting user input to customize the functionality of the tool for easier scalability. Offering several modules...
The post LEAF: Linux Evidence Acquisition Framework appeared first on Penetration Testing Tools.