(This advisory follows up on a vulnerability provided in Hack2Win Extreme competition, that won the iOS Privilege Escalation category in our offensive security event in 2018 in Hong Kong – come join us at TyphoonCon – June 2019 in Seoul for more offensive security lectures and training) Vulnerabilities Summary The following advisory describes security bugs […]
Vulnerabilities Summary The following advisory describes two vulnerabilities found in Synology PhotoStation, an unauthenticated SQL injection combined with an authenticated arbitrary file writing with partially controlled data vulnerabilities which leads to remote code execution. Credit Independent security researcher, MengHuan Yu, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.
Vulnerabilities SummaryThe following advisory describes two XSS vulnerabilities found in MDaemon Mail Server which lets attackers send emails with malicious payloads and run client side code on victim’s browsers just by opening an email. CVECVE-2019-8983CVE-2019-8984 CreditAn independent security researcher, Zhong Zhaochen, has reported this vulnerability to SSD Secure Disclosure program.
Welcome to WordPress. This is your first post. Edit or delete it, then start writing!