This Metasploit module exploits an SQL injection vulnerability in the MOVEit Transfer web application that allows an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on ...

Continue Reading

June 26, 2023

The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via the 'id' parameter in versions up to, and including, 4.0.1 due to insufficient escaping on the user supplie ...

Continue Reading

June 24, 2023

The MStore API plugin for WordPress is vulnerable to Unauthenticated Blind SQL Injection via the 'id' parameter in versions up to, and including, 4.0.1 due to insufficient escaping on the user supplie ...

Continue Reading

June 24, 2023

## I like to MOVEit, MOVEit, We like to MOVEit!  Party hard just like it's Mardi Gras! [bwatters-r7]() de ...

Continue Reading

June 23, 2023

None ## Summary This security update resolves a Microsoft SharePoint Server elevation of privilege vulnerability, Microsoft SharePoint denial of service vulnerability, and Microsoft SharePoint Server ...

Continue Reading

June 23, 2023

Post ContentRead More ...

Continue Reading

June 23, 2023

This post delves into a very impactful JWT Authentication Bypass vulnerability ([CVE-2023-30845]()) found in [ESP-v2](), an open-source service proxy that provides API management capabilities using Go ...

Continue Reading

June 23, 2023

[]() VMware has flagged that a recently patched critical c ...

Continue Reading

June 23, 2023

This post delves into a very impactful JWT Authentication Bypass vulnerability ([CVE-2023-30845]()) found in [ESP-v2](), an open-source service proxy that provides API management capabilities using Go ...

Continue Reading

June 19, 2023

This post delves into a very impactful JWT Authentication Bypass vulnerability ([CVE-2023-30845]()) found in [ESP-v2](), an open-source service proxy that provides API management capabilities using Go ...

Continue Reading

June 19, 2023