Sandeep Kamble

July 18, 2016

vBulletin SQL Injection Exploit in the Wild CVE-2016-6195

The vBulletin SQL injection exploit has been released. On June 18th, vBulletin forum pushed a patch for the SQL injection, which is still working on the number of […]
July 17, 2016

Firefox 47.0 Memory Access violation Crash – FIXED

We were working on Firefox browser automation to open some URLs for malware analysis. We used a combination of Python and Selenium to […]
May 17, 2016

SecureLayer7 Gratis PenTest Summer 2016

You can now receive free penetration testing for 6 days! What is this about? Your open source software project stands a […]
April 21, 2016

Backdoor PHP code WordPress

We have detected backdoor PHP code. It is often hidden in the writable WP directory. This backdoor is used to send PHP code for execution. […]
February 25, 2016

How to fix CVE-2015-7547 glibc: getaddrinfo stack-based buffer overflow

Red Hat released a patch for CVE-2015-7547 (glibc: getaddrinfo stack-based buffer overflow). A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A […]
February 25, 2016

Protect Against SQL Injection in ASP.Net

A lot of resources are available on SQL injection attacks; however, I will be focusing on sample code for SQL injection protection in ASP.NET. Wherever I meet developers, […]
February 16, 2016

Umbraco – The open source ASP.NET CMS Multiple Vulnerabilities

Recently I got an assignment where I had to work on the Umbraco application – a free Open Source Content Management System built on the ASP.NET […]
January 27, 2016

cPanel releases security patches for 20 critical vulnerabilities

The cPanel security team has identified several security concerns in their control panel software. They have also released patches to address all these security concerns with […]
December 14, 2015

Joomla Remote Code Execution Vulnerability Fixed

The Joomla team just released a new Joomla version, 3.4.6, to fix a serious vulnerability, i.e. remote code execution. Directly from the Joomla announcement: Browser information is not […]