Comunidad Pen7esting
Cisco Identity Services Engine Cross-Site Scripting Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss1-rgxYry2V?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Identity%20Services%20Engine%20Cross-Site%20Scripting%20Vulnerabilities&vs_k=1

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) Software could allow an attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
For more information about these vulnerabilities, see the Details (https://tools.cisco.com/security/center/psirtrss20/CiscoSecurityAdvisory.xml#details) section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss1-rgxYry2V


Security Impact Rating: Medium



CVE: CVE-2021-34738, CVE-2021-40121
We're going all out for this #HackForAll
Proud of our sponsors!!
You can still submit your papers until November 30
CFP: hack.for.all.evento@gmail.com

Take part in our CTF and the raffles.
Sign up here 👇🏻
https://forms.gle/eeCeh1RX27XrVN7U9
Location: Republic of Korea 🇰🇷
IP: 14.48.197.145

Uptime : 4 Days

Type : UDP 1195
Cisco Common Services Platform Collector SQL Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-CSPC-SQLI-unVPTn5?vs_f=Cisco%20Security%20Advisory&vs_cat=Security%20Intelligence&vs_type=RSS&vs_p=Cisco%20Common%20Services%20Platform%20Collector%20SQL%20Injection%20%20Vulnerability&vs_k=1

A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector (CSPC) could allow an authenticated, remote attacker to submit a SQL query through the CSPC configuration dashboard.
This vulnerability is due to insufficient input validation of uploaded files. An attacker could exploit this vulnerability by uploading a file containing a SQL query to the configuration dashboard. A successful exploit could allow the attacker to read restricted information from the CSPC SQL database.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-CSPC-SQLI-unVPTn5



Security Impact Rating: Medium



CVE: CVE-2021-40129
Location: Japan 🇯🇵
IP: 219.100.37.134

Uptime : 19 Days

Type : UDP 1195