Wednesday, 27 May 2015

SQLI in e107 CMS

During last few weeks in the middle of time I was doing also some source code review.
That's how I found sqli bug in admin panel in e107 CMS. After a fast response from e107 Team,
fix was created.

This bug was found in e107_2.0_full_beta1 version. I don't know if other versions are also vulnerable.

Details about the vulnerability (even when it's in admin panel) will not be published for now.

Stay in touch. ;)

Monday, 25 May 2015

[EN] Browser exploitation during CybercomDev conference - Updated

During this weekend I gave my first formal security presentation at CybercomDev in Poland.
I was talking about use-after-free exploits, fuzzing and browser exploitation.
Thank you for watching and support ;)

* Currently this presentation is available only on demand.

* Update - 16.07.2015 *
Video (PL) is available here. Thank's Kenis. ;)

See you next time! ;)