Hundreds of ScriptCase web apps are vulnerable to two bugs that allow attackers to reset passwords and inject malicious commands without needing to authenticate.

campuscodi@mastodon.social

According to VulnCheck, exploitation is simple and only requires a few curl commands.

ScriptCase - Hunt It, Exploit It, Defend It | Blog | VulnCheck

A month after disclosure, hundreds of ScriptCase servers remain exposed and actively targeted. This post walks through finding vulnerable instances, exploiting them with just a few curl commands, and the key detection points defenders can use to stop attacks.

VulnCheck (www.vulncheck.com)

Citiverse

Navigazione

Account

Navigazione

Account

Hundreds of ScriptCase web apps are vulnerable to two bugs that allow attackers to reset passwords and inject malicious commands without needing to authenticate.

ScriptCase - Hunt It, Exploit It, Defend It | Blog | VulnCheck

DIY Wind Turbine Gets a 3-Phase Rectifier

US sanctions Grinex, the successor of Garantex, a Russian crypto-exchange involved in ransomware money laundering

Sempre nel mio cuore, in qualche modo.

Ponte Morandi: “Soltanto il crollo avrà la sentenza, il resto prescritto”.

#Autostrade, 650 mln scomparsi: così il prezzo pagato ai #Benetton è stato gonfiato.

NFC-relay attacks, which I've been breathlessly warning about for a year, have now expanded to Brazil

Il governo ha deciso di finanziare la sicurezza per le #Olimpiadi invernali Milano-Cortina con 43 milioni di euro tratti dal Fondo di rotazione per la solidarietà alle vittime di mafia, usura, e ag...

Alla fine sono riuscito a configurare i driver wifi broadcom su debian 13.