An SSRF vulnerability was found in the Tumbler plugin of XFCE. It works on the latest Debian and Kali Linux, and highly likely on all Linux distributions with out-of-date XFCE.
Interesting case with code execution in Nmap
About a remote code execution vector in Nmap that was found on a website for system administrators.
Multiple vulnerabilities in LibreHealth EHR 2.0.0 part 2
During an internship at NitroTeam.kz, my students found several vulnerabilities in LibreHealth: Broken Access Control (CVE-2022-31496), Cross-Site Scripting (CVE-2022-31492, CVE-2022-31493, CVE-2022-31494, CVE-2022-31495, CVE-2022-31497, CVE-2022-31498).
Multiple vulnerabilities in LibreHealth EHR 2.0.0
I have found several vulnerabilities in the open-source system LibreHealth EHR 2.0.0. More precisely, 1 SQL injection (CVE-2022-29938) and 2 cross-site scripting (XSS) (CVE-2022-29939, CVE-2022-29940) vulnerabilities.
Video course “Ethical hacking and Penetration testing”
Sharing is caring. I decided to try to systematize my knowledge, and for this I’ve created a video course, “Ethical hacking and Penetration testing”, available to anyone. It contains 10 actual topics.
We won The Standoff 365. Again.
The Standoff is a unique cyber environment created by IT and information security specialists for the secure development of IT infrastructure, which allows you to simulate the digital twin of a modern metropolis and demonstrate how cybercriminals can affect its high-tech infrastructure. This time I was on the team “Codeby&NitroTeam”. Yes, we changed the name of…
My speech at Kolesa Conf’21
I spoke at the Kolesa Conf’21 conference several days ago on the topic “Hacking up-to-date Wordpress”. The presentation shows that cross-site scripting (XSS) will almost always lead to client-side request forgery, and most times to remote code execution (RCE), even in the case of the freshest WordPress.
Open SysConf’21 is over
That was an amazing conference and a nice collaboration with professionals, especially during the pandemic.
Open SysConf’21 is coming!
The only IT / InfoSec / *OPS open conference in Kazakhstan without advertising and vendors. Interesting reports from experienced specialists. Hurry up to register!
CVE-2021-34187. Unauthenticated SQL injection in Chamilo LMS 1.11.x and (dev version of) 2.0
Lack of sanitization of the GET parameters searchField, filters, and filters2 in /main/inc/ajax/model.ajax.php leads to multiple unauthorized SQL injections in Chamilo LMS 1.11.x and (dev version of) 2.0.