A true story of mobile device geolocation
TL;DR During the monthly research activity, in accordance with the relative Respnsible Disclosure program, we found and went in depth with an interesting security issue...
Rusty Joomla RCE
Introduction During one of our research activities, we discovered an undisclosed PHP Object Injection on Joomla CMS from the release 3.0.0 to the 3.4.6 (releases from 2012 to December...
Prestashop <= 1.7.6.0 RC 1 - Insecure Direct Object Reference
During a security assessment, we found an Insecure Direct Object Reference on Prestashop. In particular, the finding could allow an attacker to leak personal information such as...