Pydio is a popular file sharing solution used by enterprises and governments around the world. It suffered from a highly critical vulnerability that allowed unauthenticated attackers to compromise the entire file sharing server and to execute arbitrary code on the remote machine (CVE-2018-20718). Find out more about the impact and technical details in our blog post.
In-depth analysis of our latest vulnerability findings and best practices for secure development.
7 min read 6 Nov 2018 by Simon Scannell
A flaw in the way WordPress handles privileges can lead to a privilege escalation in WordPress plugins. This affects for example WooCommerce, the most popular e-commerce plugin with over 4 million installations. The vulnerability allows shop managers to delete certain files on the server and then to take over any administrator account (CVE-2018-20714).
6 min read 31 Oct 2018 by Nils Werner
6 min read 9 Oct 2018 by Simon Scannell
6 min read 27 Sep 2018 by Nils Werner