Tracking Down New WordPress Popup Injection Malware
A new variant of popup injector WordPress malware is spreading and affecting 1000s of WordPress websites. The web master was
TERMS OF SERVICE
TERMS OF SERVICE (SAAS) PROPHAZE INDIA PVT. LTD. AND/OR ITS AFFILIATES (“PROPHAZE”) IS WILLING TO GRANT ACCESS TO THE SAAS
Integrations
Integrations Streamline Your Security Infrastructure with Prophaze Integration Prophaze web application firewall is designed to protect web applications from a
Virtual Patching
Virtual Patching Prophaze WAF’s Mitigating Vulnerabilities in Web Applications Prophaze WAF’s virtual patching features in mitigating vulnerabilities of web applications.
Compliance
Compliance Ensuring Regulatory Compliances and Best Practices E-commerce, FinTech, Health Tech, and organizations that process PII and PHI data find
Why Prophaze?
Why Prophaze? Prophaze’s solutions are designed to protect their web applications and APIs against a variety of risks, including both
Fuji Electric V-Server Lite all versions prior to 4.0.9.0 contains a heap based buffer overflow. The buffer allocated to read data, when parsing VPR files, is too small.
Overview : Fuji Electric V-Server Lite all versions prior to 4.0.9.0 contains a heap based buffer overflow. The buffer allocated
Rockwell Automation RSLinx Classic versions 4.1.00 and prior, an authenticated local attacker could modify a registry key
Overview : In Rockwell Automation RSLinx Classic versions 4.1.00 and prior, an authenticated local attacker could modify a registry key,
The Argo Project is an open source provider of Kubernetes CI/CD workflows, facilitating Infrastructure as Code.
Overview : In Argo versions prior to v1.5.0-rc1, it was possible for authenticated Argo users to submit API calls to
Privilege escalation vulnerability in MicroK8s allows a low privilege user with local access to obtain root access to the host by provisioning a privileged container. Fixed in MicroK8s 1.15.3.
Overview : Privilege escalation vulnerability in MicroK8s allows a low privilege user with local access to obtain root access to
TMM may crash or stop processing new traffic with the DPDK/ENA driver on AWS systems while sending traffic. This issue does not affect any other platforms,
Overview : On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under certain conditions, TMM may crash or stop processing new traffic with
LogicalDoc before 8.3.3 allows SQL Injection
Overview : LogicalDoc before 8.3.3 allows SQL Injection. LogicalDoc populates the list of available documents by querying the database. This
A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server
Overview : A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request
Bot Detection
[vc_row][vc_column width=”1/2″][vc_empty_space height=”15px”][vc_column_text][/vc_column_text][/vc_column][vc_column width=”1/2″][vc_empty_space height=”15px”][vc_column_text] Bot Detection The Problems 20% of all web traffic is bad bots targeting APIs to
WAF API Gateway
[vc_row][vc_column width=”1/2″][vc_empty_space height=”15px”][vc_column_text][/vc_column_text][/vc_column][vc_column width=”1/2″][vc_empty_space height=”15px”][vc_column_text] WAF for your API Gateway Prophaze EagleEye can secure your API end points against OWASP
Persistent XSS vulnerability in filename of attached file in PrivateBin
Overview : PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before 1.3.2 has an Arbitrary File Upload Vulnerability Affected Product(s) :
Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability
Overview : Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability Affected Product(s) : Prizm Content Connect 5.1 Vulnerability
Simple Online Planning Tool multiple vulnerabilities
Overview : SO Planning is an open source online planning tool completely free, designed to easily plan projects / tasks
XML Entity Injection Vulnerability in RSA Authentication Manager
Overview : RSA Authentication Manager versions prior to 8.4 P7 contain an XML Entity Injection Vulnerability. A remote authenticated malicious
Cisco Data Center Network Manager Vulnerabilities
Summary Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker
Remote Code Execution vulnerability in SonicWall
Overview : A vulnerability in SonicWall Email Security appliance allow an unauthenticated user to perform remote code execution. Affected Product(s)
An issue was discovered in CloudForms Management Engine 5
Overview : CFME (CloudForms Management Engine) 5: RHN account information is logged to top_output.log during registration Affected Product(s) : CloudForms
RHQ Mongo DB Drift Server vulnerability
Overview : An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files.