SSD Advisory – Monstra CMS RCE

Vulnerabilities Summary

The following advisory describes a vulnerability found in Monstra CMS. Monstra is “a modern and lightweight Content Management System. It is Easy to install, upgrade and use.” The vulnerability found is a remote code execution vulnerability through an arbitrary file upload mechanism.

Credit

An independent security researcher, Ishaq Mohammed, has reported this vulnerability …

SSD Advisory – Mac OS X 10.12 Quarantine Bypass

Vulnerability summary

Mac OS X contains a vulnerability that allows bypassing of the Apple Quarantine and the execution of arbitrary JavaScript code without any restrictions.

Credit

A security researcher from WeAreSegment, Filippo Cavallarin, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response

Apple has been notified on the 27th of June …