TSEC NEWS: 10.04.21 - Back again ||| cooming soon - 1. TSec-Accounts 2.comments 3. personalized feed... if i have the time

❈ "Alf" zurück im Free-TV – NITRO zeigt alle Episoden des Katzenfans von Melmac

Nachrichten chip.de

Alf ist wieder da: Der freche Außerirdische vom Planeten Melmac kehrt ins deutsche TV zurück. Im Mai beginnt Spartensender NITRO mit der Ausstrahlung der 102 Episoden....


Kompletten Artikel lesen (externe Quelle: https://www.chip.de/news/Alf-zurueck-im-Free-TV-NITRO-zeigt-alle-Episoden-des-Katzenfans-von-Melmac_183492699.html)

Zur Team IT Security IT Sicherheit Nachrichtenportal Startseite

➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)

Automattic: [intensedebate.com] SQL Injection Time Based On /js/commentAction/

vom 509.24 Punkte
[intensedebate.com] SQLi Time Based On /js/commentAction/ Summary: Hello, I have found a SQLI Injection Time Based on /js/commentAction/. When a user want to submit/reply to a comment, a JSON payload was send by a GET request. GET /js/commentAction/?data

Movierulz 2020 | Download Watch Telugu Bollywood and Hollywood Full Movies Online Free

vom 494.03 Punkte
Movierulz - Download watch latest Bollywood Hollywood Hindi English Telugu Tamil Malayalam Dubbed Kannada Marathi Punjabi movies online free movierulz torrent8Movierulz.ws- Download Watch Telugu Bollywood and Hollywood Full Movies Online FreeThe torre

HackerOne: Pentester can obtain information about other pentesters who applied for the same test, but weren't accepted

vom 477.26 Punkte
Hi team, I don't know your policy about pentesters(about their visibility on the platform), But I couldn't find any other pentesters before. 1) For example: GraphQL has the h1_pentester attribute that would explicitly point us to th

h1-ctf: [H1-2006 2020] "Swiss Cheese" design style leads to helping Mårten Mickos pay poor hackers

vom 364.12 Punkte
Summary: Several vulnerabilities in the bountypay application leads to unauthorised access, information disclosure, SSRF and other fun stuff. Steps To Reproduce: This is how I helped Mårten Mickos pay the poor hackers who had been waiting so long fo

Keybase: SOP bypass using browser cache

vom 342.3 Punkte
Summary An attacker has the ability to extract sensitive information from user's accounts, due to a CORS issue. On a minor note, this also is a cross-site leak as we can fingerprint what exact keybase user has accessed the attacker'

NordVPN: Disclosure of User Information

vom 301.28 Punkte
Hi Team, We can get information about the users registered (such as: id, name, login name, etc.) and employees of NordVPN without authentication on https://www.nordvpn.com Vulnerable URL: https://nordvpn.com/wp-json/wp/v2/users/ Vulnerable URL: https://nordvpn.com/?rest

Apple presents the best of 2018

vom 290.81 Punkte
Apple presents the best of 2018<br/>The Apps, Games, Music, Movies, TV Shows, Podcasts and More That Shaped Entertainment and Culture Around the World This Year<br/>As the year comes to a close there are so many unanswered questions: Who is

Apple presents the best of 2018

vom 290.81 Punkte
Apple presents the best of 2018<br/>The Apps, Games, Music, Movies, TV Shows, Podcasts and More That Shaped Entertainment and Culture Around the World This Year<br/>As the year comes to a close there are so many unanswered questions: Who is

Agoric: Improper Input Validation allows an attacker to "double spend" or "respend", violating the integrity of the message command history or causing DoS

vom 284.98 Punkte
Summary: Improper Input Validation allows an attacker to &quot;double spend&quot; or &quot;respend&quot;, violating the integrity of the message command history or causing DoS Steps To Reproduce: I was curling random integers and found

CS Money: ReDoS at wiki.cs.money graphQL endpoint (AND probably a kind of command injection)

vom 284.1 Punkte
Summary: The endpoint /graphql has a vulnerable query operation named &quot;search&quot;, that can I send a Regex malformed parameter, in order to trick the original regular expression to a regex bomb expression. Payload with a &quot;com

U.S. Dept Of Defense: Self XSS + CSRF Leads to Reflected XSS in https://████/

vom 281.79 Punkte
Hi Security Team, The form inputs in https://███/ Vulnerable to Self XSS Either the form was vulnerable to CSRF When these two bugs available and attacker could combine them to Perform a Reflected XSS Attack Impact Reflected XSS Execute JS Code

HackerOne: Unauthorized user can obtain `report_sources` attribute through Team GraphQL object

vom 269.17 Punkte
Summary: Hi team. And Happy New Year! Description: If I am not mistaken, then through this parameter we can define private programs with an external link. If this parameter is not empty, then the program is private. - [&quot;HackerOne Platform&qu

Team Security Diskussion über &quot;Alf&quot; zurück im Free-TV – NITRO zeigt alle Episoden des Katzenfans von Melmac