July 6th, 2011 
Mourad Ben Lakhoua New exploit has been published that are targeting Joomla 1.6.3 or lower version the vulnerability allow an attacker to create a specially crafted URL that would execute arbitrary script code on victim’s browser. Cross-site request (XSRF or CSRF) is a web application attack that uses the existing trust relationship between web applications and authenticated users [...]
June 26th, 2011 Mourad Ben Lakhoua One more time Joomla provide us a new vulnerability in one of thier component. This time the vulnerability exists in VirtueMart which is an Open Source E-Commerce solution that can be used together with a Joomla Content Management System (CMS). Steven Seeley & Rocco Calvi from startsec detected the possibility of Blind SQL injection in [...]
Posted in Vulnerabilities, Vulnerabilities & attacks 
Tags: Blind SQL, Exploit, Joomla, SQL Injection, VirtueMart 
No Comments » September 30th, 2009 Mourad Ben Lakhoua A new post has been released yesterday providing a script to exploit a critical vulnerability in windows, the vulnerability has been discovered since the 7th of September. Up to this Monday the vulnerability can lead only to a failure in the system but now and after Stephen Fewer from Metasploit issued this script publicly it [...]
Posted in Pentesting, Vulnerabilities & attacks Tags: Exploit, Metasploit, Microsoft, Security, Vulnerability Research 6 Comments » September 1st, 2009 Mourad Ben Lakhoua Proof-of-concept code was posted on Monday that can lead to gain a full control over server running Microsoft IIS. This vulnerability can be serious for webmasters but the attack can only be successful against old versions of IIS (IIS5, IIS6). The bug is particularly concern the FTP service which is an IIS component that used [...]
Posted in Vulnerabilities, Vulnerabilities & attacks, Web Security Tags: Exploit, Microsoft IIS 0-day, Milw0rm 5 Comments » July 9th, 2009 Mourad Ben Lakhoua I know this may seem like a lot to do, but let’s face it, milw0rm.com, has ceased to operate. ‘str0ke’ explained on his short add that this is simply due to a lack of time nothing else without a real clarification on that. From milw0rm: Well, this is my goodbye header for milw0rm. I wish [...]
