This Metasploit module exploits an authentication bypass vulnerability on Avaya IP Office Customer Call Reporter, which allows a remote user to upload arbitrary files through the ImageUpload.ashx component. It can be abused to upload and execute arbitrary ASP .NET code. The vulnerability has been tested successfully on Avaya IP Office Customer Call Reporter 7.0.4.2 and 8.0.8.15 on Windows 2003 SP2.

This is a whitepaper that goes into detail on hacking ASP/ASPX websites manually.

Whitepaper called Reinstallation Attacks: Forcing Nonce Reuse in WPA2. This research paper will be presented on at the Computer and Communications Security (CCS) conference on November 1, 2017. This paper details a flaw in the WPA2 protocol itself and most devices that makes use of WPA2 are affected.

The Call For Papers has been announced for REVULN 19Q4, an international cyber-security conference taking place December 11th and 12th, 2019 in Hong Kong at the Best Western Plus Hotel Hong Kong.

The No cON Name 2019 call for papers has been announced. It will be held in Barcelona, Spain, from November 14th and 15th, 2019.

BSidesLisbon 2019 has announced its call for papers. It will be held November 28th and 29th at Auditorio FMD-UL.

The ZeroNights 2019 Call For Papers has been announced. It will be held in Saint-Petersburg, Russia November 12th through the 13th, 2019.

RootedCON is a technology congress that will be held in Madrid (Spain) March 5th through the 7th, 2020. With an estimated seating from 2,000 and 2,500 people, is the most relevant specialized congress that is held in the country, and one of the most relevant in Europe, with attendee profiles ranging from students, Law Enforcement Agencies to professionals in the technology and information security market and, even, just passionate people.

The c0c0n 2020 Middle East call for papers has been announced. It will take place June 15th through the 18th, 2020 at the St. Regis in Abu Dhabi.

B-Sides Ljubljana will be held April 4th, 2020 in Ljubljana, Slovenia.

The 16th CarolinaCon will be hosted in Charlotte at the Embassy Suites April 10th through the 11th, 2020.

Call For Papers for Positive Hack Days 10 which will take place in Moscow, Russia May 13th through the 14th, 2020.

LeHACK 2020 is a yearly rendezvous where hackers and aficionados are meeting with both technical and non-technical talks and workshops about hacking. It is a great place to discover, to learn, to teach and be taught in the magical city of Paris. LeHACK 2020 will be held in La Cite des Sciences et de l'Industire in Paris, France from June 26th through the 27th, 2020.

REVULN 20x1 is an international conference taking place the April 28th through the 30th, 2020 in Metro Manila (Philippines) at the RED Hotel Cubao.

REVULN 20x2 is an international conference taking place the June 25th through the 26th, 2020 in St. Paul's Bay (Malta) at the Hotel Santana.

BSides Brussels is a security conference in Brussels, Belgium, with talks, workshops and villages. The goal is to strengthen the exchange of knowledge, cooperation, communication, and integration between the different actors active in the IT security industry. We are pleased to announce that the first edition of BSides Brussels will be held on May 28th, 2020.

Ac4p.com Gallery version 1.0 suffers from cross site scripting, phpinfo disclosure, shell upload, and insecure cookie handling vulnerabilities.

An elevation of privilege vulnerability exists in Microsoft Windows when the Win32k component fails to properly handle objects in memory. This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This Metasploit module is tested against Windows 10 v1703 x86.

This Metasploit module exploits a Java unmarshalling vulnerability via JSONWS in Liferay Portal versions prior to 6.2.5 GA6, 7.0.6 GA7, 7.1.3 GA4, and 7.2.1 GA2 to execute code as the Liferay user. Tested against 7.2.0 GA1.