Skip to content

"If the enemy leaves a door open, you must rush in." – Sun Tzu

Search for:

About Me
Disclaimer
Tools

Weather forecasts

January 15, 2003 Uncategorized Comments Off on Weather forecasts

There is now weather forecasts (and current) available for Brussels, Belgium.
Still deploying the future interface. Be patient! 🙂

Post navigation

« Pic upload test!

Happy Birthday to my job! »

Stay in Touch

Upcoming Events

Here is a list of events that I will attend and cover via Twitter and wrap-ups. Ping me if you want to meet! The list is regularly updated.

Recent Articles

When NTP Kills Your Sandbox
[SANS ISC] Sextortion to The Next Level
[SANS ISC] Malicious Excel Delivering Fileless Payload
[SANS ISC] Anti-Debugging JavaScript Techniques
[SANS ISC] Anti-Debugging Technique based on Memory Protection

Popular Articles

Show me your SSID’s, I’ll Tell Who You Are! 39,404 views
Keep an Eye on SSH Forwarding! 38,436 views
Sending Windows Event Logs to Logstash 31,024 views
Socat, Another Network Swiss Army Knife 27,693 views
Check Point Firewall Logs and Logstash (ELK) Integration 27,501 views
Forensics: Reconstructing Data from Pcap Files 23,135 views
dns2tcp: How to bypass firewalls or captive portals? 22,362 views
Vulnerability Scanner within Nmap 19,254 views
Post-BruCON Experience – Running a Wall of Sheep in the Wild 18,202 views
Bash: History to Syslog 16,940 views

Recent Tweets

Everything is a f*cking clipboard problem... That reminds me one of my previous @sans_isc diary:… twitter.com/i/web/status/12818…
Yesterday at 09:57
The game is on! Good luck to all and, most important, have fun! #FOR610 #CTF pic.twitter.com/7umBOQs8Yt
Yesterday at 07:45
17K+ registrations for the SANS #DFIRSummit next week... Just wow! www.sans.org/blog/17k-dfir-reg…
July 10, 2020 06:39
Read this on a chat this morning: "Username and Password IS 2-factor auth" Mathematically speaking, it's true!#MadeMyDay
July 9, 2020 05:47
When one file extension is not enough... #MoreExtensionsIsFun pic.twitter.com/UdAA5zfosF
July 7, 2020 19:15

Time Machine

Time Machine

NVD Vulnerabilities Feed

CVE-2020-13992 (mods_for_hesk) July 9, 2020
An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A Stored XSS issue allows remote unauthenticated attackers to abuse a helpdesk user's logged in session. A user with sufficient privileges to change their login-page image must open a crafted ticket.
CVE-2020-15073 (phplist) July 8, 2020
An issue was discovered in phpList through 3.5.4. An XSS vulnerability occurs within the Import Administrators section via upload of an edited text document. This also affects the Subscriber Lists section.
CVE-2020-15072 (phplist) July 8, 2020
An issue was discovered in phpList through 3.5.4. An error-based SQL Injection vulnerability exists via the Import Administrators section.
CVE-2020-15599 (victor_cms) July 7, 2020
Victor CMS through 2019-02-28 allows XSS via the register.php user_firstname or user_lastname field.
CVE-2020-8520 (phpzag) July 7, 2020
SQL injection in order and column parameters in Records.php for phpzag live add edit delete data tables records with ajax php mysql
CVE-2020-8521 (phpzag) July 7, 2020
SQL injection with start and length parameters in Records.php for phpzag live add edit delete data tables records with ajax php mysql
CVE-2020-8519 (phpzag) July 7, 2020
SQL injection with the search parameter in Records.php for phpzag live add edit delete data tables records with ajax php mysql
CVE-2019-20896 (webchess) July 7, 2020
WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponent, messageID, or to parameter.

Copyright Xavier Mertens © 2003-2020 | Powered by Xavier Mertens Consulting.

This website uses cookies to improve your experience. By using our services, you agree to our use of cookies. Accept Learn more

Privacy & Cookies Policy

Necessary Always Enabled