Weak default credentials in combination with missing input validation allow a remote attacker to execute arbitrary code on a server using the Zmanda Management Console 3.3.9. Description It's possibl…

Imagine we’ve a reflected XSS on https://test-site.com and the following characters are filtered: spaces, (single) quotes, <, >, } and {. But you also want to develop a weaponized exploit to exf…

As the chairmen of a German human rights association I‘m familiar with how NGOs handle e-mail encryption and how important it is. Of course the research behind EFAIL points out valid vulnerabilities, …