IPS Community Suite 4.5.4.2 PHP Code Injection

Up next

“King of Fraud” faces major sentence for the operation of a massive botnet; US companies scammed for up to $7 million USD

IPS Community Suite versions 4.5.4.2 and below suffer from a PHP code injection vulnerability. The vulnerability exists because the IPS\cms\modules\front\pages\_builder::previewBlock() method allows to pass arbitrary content to the IPS\_Theme::runProcessFunction() method, which will be used in a call to the eval() PHP function. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation of this vulnerability requires an account with permission to manage the sidebar (such as a Moderator or Administrator) and the “cms” application to be enabled.

Cyber Attacks

Rockstar games hacked. Grand Theft Auto VI Videos and GTA V Source Code leaked

The same 18-year-old hacker who just hacked UBER for fun has now…

Cybersdecurity RedFlag
September 24, 2022

Vulnerabilities

60 different HP printer models of inkjet, LaserJet Pro, and PageWide Pro printers allow threat actors to take control of network remotely. Patch these two flaws

Two crucial flaws in the firmware of several corporate printer models have…

Cybersdecurity RedFlag
September 24, 2022

Network Security

Network Security Demands Drive SD-WAN and SASE Adoption

Businesses today face new security challenges that were not imaginable a few…

Cybersdecurity RedFlag
September 24, 2022

Mobile Security

Android Banking Users Targeted With Fake Rewards Phishing Scam

Earlier today reports of an SMS-based phishing campaign were announced, targeting…

Cybersdecurity RedFlag
September 23, 2022