3CX Phone System Web console affected by XXE
XXE vulnerability in 3CX Phone System Another vulnerability discovered by Logically Secure. This time it is XXE (XML External Entity Injection) and SSRF (Server-Side Request Forgery) in 3CX Phone System …
(XSS) Vulnerabilities found – Choose your test scope correctly
This article aims to present how easy is to overlook the security of (some parts of) the application, leaving widely used CMS systems insecure despite its popularity, open source approach …
LS Team discovers XSS in WordPress Plugin
Often during the penetration testing activities our team comes across potentially unsafe behaviours, coding errors and unspecified misconfiguration errors. This time we had a full access to the WordPress instance, …