The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Local file inclusion

GhostCat: New High-Risk Vulnerability Affects Servers Running Apache Tomcat

GhostCat: New High-Risk Vulnerability Affects Servers Running Apache Tomcat

February 28, 2020Swati Khandelwal
If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it. Yes, that's possible because all versions (9.x/8.x/7.x/6.x) of the Apache Tomcat released in the past 13 years have been found vulnerable to a new high-severity (CVSS 9.8) ' file read and inclusion bug '—which can be exploited in the default configuration. But it's more concerning because several proof-of-concept exploits ( 1 , 2 , 3 , 4  and more ) for this vulnerability have also been surfaced on the Internet, making it easy for anyone to hack into publicly accessible vulnerable web servers. Dubbed ' Ghostcat ' and tracked as CVE-2020-1938 , the flaw could let unauthenticated, remote attackers read the content of any file on a vulnerable web server and obtain sensitive configuration files or source code, or execute arbitrary code if the server allows file uploa
phpMyAdmin Releases Critical Software Update — Patch Your Sites Now!

phpMyAdmin Releases Critical Software Update — Patch Your Sites Now!

December 11, 2018Mohit Kumar
Developers of phpMyAdmin, one of the most popular and widely used MySQL database management systems, today released an updated version 4.8.4 of its software to patch several important vulnerabilities that could eventually allow remote attackers to take control of the affected web servers. The phpMyAdmin project last Sunday gave an early heads-up about the latest security update through its blog, probably the first time, as an experiment to find if pre-announcements can help website admins, hosting providers and package managers better prepare for the security release. "We are inspired by the workflow of other projects (such as Mediawiki and others) which often announce any security release in advance to allow package maintainers and hosting providers to prepare. We are experimenting to see if such a workflow is suitable for our project," phpMyAdmin release manager Isaac Bennetch told The Hacker News. phpMyAdmin is a free, open-source administration tool for managing
Over 300 Million AdultFriendFinder Accounts Exposed in Massive Data Breach

Over 300 Million AdultFriendFinder Accounts Exposed in Massive Data Breach

November 13, 2016Mohit Kumar
Adult Friend Finder , a casual dating website with the tagline "hookup, find sex or meet someone hot now," has suffered another massive data breach, but this time it is much worse than the last year. Over 300 Million AdultFriendFinder accounts have reportedly been exposed in a massive data breach that hit adult dating and entertainment company Friend Finder Network. Friend Finder Network is the world's largest sex and swinger community that has a number of assets and the hack reportedly exposed the information from more than 412 Million accounts across its corporate holdings, which include AdultFriendFinder, Cams, Penthouse, and Stripshow. 412,214,295 User's Accounts on SALE! Breach notification site LeakedSource broke the story, reporting that nearly 339 Million accounts from sex hookup site AdultFriendFinder, over 60 Million accounts from Cams.com, 7 Million from Penthouse and a handful of accounts from Stripshow and iCams were compromised, for a total
Jobvite Recruitment Service Website Vulnerable to Hackers

Jobvite Recruitment Service Website Vulnerable to Hackers

August 04, 2014Swati Khandelwal
Jobvite , a recruiting platform for the social web, is found vulnerable to the most common, but critical web application vulnerabilities that could allow an attacker to compromise and steal the database of the company's website. Jobvite is a Social recruiting and applicant tracking created for companies with the highest expectations of recruiting technology and candidate quality. Growing companies use Jobvite's social recruiting, sourcing and talent acquisition solutions to target the right talent and build the best teams. An independent security researcher Mohamed M. Fouad from Egypt, has found two major flaws in Jobvite website  that could be used by an attacker to comprise the company's web server. As a responsible security researcher, Fouad also reported the critical flaws three months ago to the Jobvite team, but the company didn't fix it till now. According to Fouad, Jobvite is vulnerable to Boolean SQLi (SQL injection) and LFI (local file inclusion) v
Vulnerability in Whatsapp messenger media server

Vulnerability in Whatsapp messenger media server

June 12, 2013Mohit Kumar
If you own an iPhone or an Android device, then the chances are high that you're familiar with the extremely popular cross-platform messaging app, WhatsApp. According to a whitehat hacker Mohammed Saeed , Whatsapp media server ( media.whatsapp.com ) interface was vulnerable to Traversal local file inclusion. This vulnerability occurs when a page include is not properly sanitized, and allows directory traversal characters to be injected. Flaw allowed hacker to gather usernames via an " /etc/passwd " file and also another sensitive files like log files i.e   "/apache/logs/error.log" or " /apache/logs/access.log ". Flaw was reported by Mohammed with proof of conpect to Whatsapp security team on 27th May and was addressed this week. If you are also penetration tester and have something buggy that can help Whatsapp team to make there service more secure, feel free to contact them at  support@whatsapp.com .
Sensitive server info leaked from weather.gov Vulnerability

Sensitive server info leaked from weather.gov Vulnerability

October 16, 2012Mohit Kumar
Kosova Hacker's Security group today release very sensitive server info of " The National Weather Service ", which was gathered due to a " Local file inclusion " Vulnerability in weather.gov . By definition, Local File Inclusion (also known as LFI) is the process of including files on a server through the web browser. This vulnerability occurs when a page include is not properly sanitized, and allows directory traversal characters to be injected. Hackers publish complete data in a pastebin file uploaded today, but the hack was performed two day back and in meantime, server administrator fix the vulnerability. We just talk with the hacking crew to know the reason of hack and data exposure, one of them explain that they are against US policies, who are targeting muslim countries. " They hack our nuclear plants using STUXNET and FLAME like malwares , they are bombing us 24*7, we can't sit silent - hack to payback them " Hacker expo
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.