The 14th practice described in the newly released edition of the Common Sense Guide to Mitigating Insider Threats is Practice 14: Establish a baseline of normal behavior for both networks and employees. In this post, I discuss...
Read MoreIn Sitecore 8.2, there is reflected XSS in the shell/Applications/Tools/Run Program parameter.
Read MoreGeneko GWR routers allow directory traversal sequences starting with a /../ substring, as demonstrated by unauthenticated read access to the configuration file.
Read Morecoders/mpc.c in ImageMagick before 7.0.6-1 does not enable seekable streams and thus cannot validate blob sizes, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other...
Read MoreSubrion CMS before 4.1.6 has a SQL injection vulnerability in /front/actions.php via the $_POST array.
Read More