FUN WITH LINUX

ForkCMS PHP Object Injection (CVE-2020-24036)

2 March 2021

Identifier: AIT-SA-20210215-04
Target: ForkCMS
Vendor: ForkCMS
Version: all versions below version 5.8.3
CVE: CVE-2020-24036
Accessibility: Remote
Severity: Medium
Author: Wolfgang Hotwagner (AIT Austrian Institute of Technology)

QCubed Cross Site Scripting (CVE-2020-24912)

2 March 2021

Identifier: AIT-SA-20210215-03
Target: QCubed Framework
Vendor: QCubed
Version: all versions including 3.1.1
CVE: CVE-2020-24912
Accessibility: Remote
Severity: High
Author: Wolfgang Hotwagner (AIT Austrian Institute of Technology)

QCubed SQL Injection (CVE-2020-24913)

2 March 2021

Identifier: AIT-SA-20210215-02
Target: QCubed Framework
Vendor: QCubed
Version: all versions including 3.1.1
CVE: CVE-2020-24913
Accessibility: Remote
Severity: Critical
Author: Wolfgang Hotwagner (AIT Austrian Institute of Technology)

QCubed PHP Object Injection (CVE-2020-24914)

2 March 2021

Identifier: AIT-SA-20210215-01
Target: QCubed Framework
Vendor: QCubed
Version: all versions including 3.1.1
CVE: CVE-2020-24914
Accessibility: Remote
Severity: Critical
Author: Wolfgang Hotwagner (AIT Austrian Institute of Technology)

Pimp my shell

27 February 2021

ZSH is an extraordinary shell. I wrote about that some years ago. In order to make the zsh a little bit more beautiful I prefer installing oh-my-zsh or Powerlevel10k. In this article I want to introduce some plugins I can’t live without anymore.

Refurbished Blog

5 February 2021

I started to write this blog in the year 2014 and I have written about 270 articles since then. Even though the topics changed over time, the main topics are still Sysadmin, Programming, Security and HackADay. In the last years I experienced some serious issues with my blog software. Now I have refurbished my blog. I am using a static site generator now, so this blog is static only. I had to give up my comment section for that. That’s very sad, but I hope to receive some mails instead. As with the previous design, I created the new one by myself and I kept it very simple and clean. I hope my readers like it.

How to build a music-box for children

2 January 2021

The Tonibox is a music player for children. They can simply place figures on the box and depending on the figure, a corresponding audio book is then played. I like this concept and since my child loves audio books, I am going to build such a box.

Note: I never had an original Tonibox in my hands. So I don’t know about its exact features and also don’t know how it really works. This article simply describes how I would build such a device.

Happy New Year 2021

31 December 2020

Happy new year! The last one was intense, let’s see what’s coming. For this blog, I hope for more content. And for my readers, just the best!

Sixth Anniversary

7 November 2020

This blog turned 6 years old. Unbelievable! I would like to thank all the people who read my articles.

RIAA took down youtube-dl

26 October 2020

A few days ago the popular content download software “youtube-dl” was taken down by RIAA. They left a notice in the GitHub repository that youtube-dl violates copyrights. In my opinion this is a shame. With youtube-dl it was possible to download any content from YouTube. That means you were also able to legally download content that was not protected by any content license. If we start to take down youtube-dl because we could also use it to download content illegally, then we should also take down all the browsers. We could also use browsers to illegally download content.

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution 3.0 Unported License.

Copyright 2015-present Hoti