🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
🔐 Why security is the top barrier in enterprise cloud adoption 🔐

At RSA 2019, Richard Bird of Ping Identity discussed identity-related security issues and solutions for enterprises.

📖 Read

via "Security on TechRepublic".
TechRepublic
Why security is the top barrier in enterprise cloud adoption
At RSA 2019, Richard Bird of Ping Identity discussed identity-related security issues and solutions for enterprises.
14 views
🛡 Cybersecurity & Privacy 🛡 - News
🔐 Blockchain implementation: Top security risks for the enterprise 🔐

At RSA 2019, Charles Henderson of IBM X-Force Red explained the cybersecurity challenges involved in bringing blockchain to the enterprise.

📖 Read

via "Security on TechRepublic".
TechRepublic
Blockchain implementation: Top security risks for the enterprise
At RSA 2019, Charles Henderson of IBM X-Force Red explained the cybersecurity challenges involved in bringing blockchain to the enterprise.
13 views
🛡 Cybersecurity & Privacy 🛡 - News
🔐 Why companies ignore cybersecurity in digital transformations 🔐

At RSA 2019, Emily Mossburg of Deloitte explained the challenges companies face when it comes to cybersecurity.

📖 Read

via "Security on TechRepublic".
TechRepublic
Why companies ignore cybersecurity in digital transformations
At RSA 2019, Emily Mossburg of Deloitte explained the challenges companies face when it comes to cybersecurity.
13 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-18449

EmpireCMS 7.5 allows CSRF for adding a user account via an enews=AddUser action to e/admin/user/ListUser.php, a similar issue to CVE-2018-16339.

📖 Read

via "National Vulnerability Database".
14 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-17988

LayerBB 1.1.1 has SQL Injection via the search.php search_query parameter.

📖 Read

via "National Vulnerability Database".
14 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-17429

/console/account/manage.php?type=action&action=add in JTBC v3.0(C) has CSRF for adding an administrator account.

📖 Read

via "National Vulnerability Database".
14 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-17426

WUZHI CMS 4.1.0 has stored XSS via the "Extension module" "SMS in station" field under the index.php?m=core URI.

📖 Read

via "National Vulnerability Database".
14 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-17425

WUZHI CMS 4.1.0 has stored XSS via the "Membership Center" "I want to ask" "detailed description" field under the index.php?m=member URI.

📖 Read

via "National Vulnerability Database".
15 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-17422

dotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter.

📖 Read

via "National Vulnerability Database".
15 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-17421

An issue was discovered in ZrLog 2.0.3. There is stored XSS in the file upload area via a crafted attached/file/ pathname.

📖 Read

via "National Vulnerability Database".
16 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-17420

An issue was discovered in ZrLog 2.0.3. There is a SQL injection vulnerability in the article management search box via the keywords parameter.

📖 Read

via "National Vulnerability Database".
17 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-17419

An issue was discovered in setTA in scan_rr.go in the Miek Gieben DNS library before 1.0.10 for Go. A dns.ParseZone() parsing error causes a segmentation violation, leading to denial of service.

📖 Read

via "National Vulnerability Database".
19 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-17418

Monstra CMS 3.0.4 allows remote attackers to execute arbitrary PHP code via a mixed-case file extension, as demonstrated by the 123.PhP filename, because plugins\box\filesmanager\filesmanager.admin.php mishandles the forbidden_types variable.

📖 Read

via "National Vulnerability Database".
19 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-17416

A SQL injection vulnerability exists in zzcms v8.3 via the /admin/adclass.php bigclassid parameter.

📖 Read

via "National Vulnerability Database".
18 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-17415

zzcms V8.3 has a SQL injection in /user/zs_elite.php via the id parameter.

📖 Read

via "National Vulnerability Database".
16 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-17414

zzcms v8.3 has a SQL injection in /user/jobmanage.php via the bigclass parameter.

📖 Read

via "National Vulnerability Database".
15 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-17413

XSS exists in zzcms v8.3 via the /uploadimg_form.php noshuiyin parameter.

📖 Read

via "National Vulnerability Database".
15 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-17412

zzcms v8.3 contains a SQL Injection vulnerability in /user/logincheck.php via an X-Forwarded-For HTTP header.

📖 Read

via "National Vulnerability Database".
14 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-16809

An issue was discovered in Dolibarr through 7.0.0. expensereport/card.php in the expense reports module allows SQL injection via the integer parameters qty and value_unit.

📖 Read

via "National Vulnerability Database".
14 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-16808

An issue was discovered in Dolibarr through 7.0.0. There is Stored XSS in expensereport/card.php in the expense reports plugin via the comments parameter, or a public or private note.

📖 Read

via "National Vulnerability Database".
14 views
🛡 Cybersecurity & Privacy 🛡 - News
ATENTION New - CVE-2018-16804

An issue was discovered in UCMS 1.4.6. There is XSS in the title bar, as demonstrated by a do=list request.

📖 Read

via "National Vulnerability Database".
13 views