Category Archives: Advisory

advisory , blog , general

blog-3

More Vulnerabilities Discovered in Concrete5 by Edgescan Researcher

January 8, 2021 / by

This blog post will address recent Cross Site Scripting (XSS) Stored & HTML Injection Stored vulnerabilities discovered by Edgescan Senior Information Security Consultant, Guram Javakhishvili. These vulnerabilities were discovered while validating alerts as part of Edgescan’s human intelligence verification. These discoveries are shared with clients so they can evaluate and mitigate the risks. The vendor […]

Read more

advisory , blog , general , news , papers

, , ,

blog-3

Edgescan Product Strategy

September 30, 2020 / by

Edgescan Development Plans Product Strategy 2020 to 2021   With the successful rollout of API Discovery to clients in early 2020, we wanted to start publishing and discussing some of the long-term work that the Edgescan teams are working toward.   All Edgescan teams have expanded in the last year, with our biggest headcount increases […]

Read more

advisory , blog , general

, ,

blog-3

Vulnerabilities Discovered in Concrete5 by Edgescan Researcher

August 17, 2020 / by

This blog post will address recent RCE vulnerability discovered by Edgescan Senior Information Security Consultant, Guram Javakhishvili. These vulnerabilities were discovered while validating alerts as part of Edgescan’s human intelligence verification. These discoveries are shared with clients so they can evaluate and mitigate the risks. The vendor is also notified so they can resolve the […]

Read more

advisory , blog , general

,

blog-3

Edgescan Researcher Discovers Multiple Vulnerabilities in CMS Made Simple and Lime Survey

July 22, 2020 / by

Edgescan Senior Security Consultant Guram Javakhishvili is making an impact in the cybersecurity field as a researcher aka hacker, discovering vulnerabilities across a number of popular applications. Some of which are not yet publicly available, as soon as the vendor implements the fix, those issues will also be added to this list and the blog […]

Read more

advisory , blog , general , news

blog-3

Advisory: Critical RCE in Windows DNS – CVE-2020-1350

July 14, 2020 / by

Windows CVE-2020-1350 aka SIGRed? This blog explains CVE-2020-1350 aka SIGRed, how to identify if you are vulnerable and what, if anything, you need to do.   What is it? It’s a vulnerability in all versions of Windows servers that could result in Remote Code Execution, allowing a successful attacker to run unwanted operations on machines […]

Read more