News Archives

Stay tuned with SecureLayer7 Announcements

February 25, 2016

Published by Sandeep Kamble at February 25, 2016

How to fix CVE-2015-7547 glibc: getaddrinfo stack-based buffer overflow

RedHat released Patch for CVE-2015-7547 glibc: getaddrinfo stack-based buffer overflow. A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A […]

December 14, 2015

Published by Sandeep Kamble at December 14, 2015

Joomla Remote Code Execution Vulnerability Fixed

The Joomla team just released a new Joomla version 3.4.6 to fix serious vulnerability, i.e. remote code execution. Directly from the Joomla announcement: Browser information is not […]

November 5, 2015

Published by Sandeep Kamble at November 5, 2015

PreAuth PHP Object Injection Critical Vulnerability in vBulletin Versions 5.1.4 to 5.1.9

vBulletin on 03 Nov 2015 released security patches. The vBulletin 5.1.4 to 5.1.9 is vulnerable to PHP Object injection, where attacker can take control of the […]

October 26, 2015

Published by Amit Kumar at October 26, 2015

Tool to Detect SQL injection vulnerability in Joomla 3.2 to 3.4.4 versions!

It pleases us to announce the release of our new tool that we create in order to detect SQL injection vulnerability in the affected versions of […]

July 15, 2015

Published by Sandeep Kamble at July 15, 2015

CVE-2015-2652 – Unauthenticated File Upload in Oracle E-business Suite.

During my regular penetration testing job, I unravelled an interesting vulnerability of Unauthenticated File Upload in Oracle E-business Suite 0-day vulnerability. This particular Upload Bug can be […]

March 27, 2015

Published by Sandeep Kamble at March 27, 2015

WordPress Plugin – Revslider update captions CSS file critical vulnerability

Today was another day at work for SecureLayer7 to recover our client’s defaced website. And bang!! I think I hit upon a nasty vulnerability of a […]

January 29, 2015

Published by Sandeep Kamble at January 29, 2015

CVE-2015-0235 – How to secure against Glibc Ghost Vulnerability

CVE-2015-0235 Ghost (glibc gethostbyname buffer overflow) Vulnerability is serious cause for all Linux servers. In effect, this vulnerability is leveraged to execute remote end code execution […]