Monthly Archives: July 2015

Full disclosure: multiple critical security vulnerabilities (including a backdoor!) in PHP File Manager

Posted on July 27, 2015 by Sijmen Ruwhof

In July 2010 I was looking for a web based file manager that I could use on my own web server. After some research I found the PHP File Manager from Revived Wire Media. A basic, but good looking web … Continue reading

Posted in PHP security, responsible disclosure, security assessment | 36 Comments

M-FILES radioshow: ‘Rest In Privacy’

Posted on July 18, 2015 by Sijmen Ruwhof

Deze week was ik te gast in de radioshow van M-FILES wat ging over online privacy. Vanaf 22:12 minuten is mijn bijdrage te horen:

Posted in hacking, podcast, privacy, security awareness | Comments Off on M-FILES radioshow: ‘Rest In Privacy’

Lukt het om in te breken in de website van Massa Media?

Posted on July 15, 2015 by Sijmen Ruwhof

Die vraag stelde een TV-ploeg van RTV Utrecht mij:

Posted in hacking, website, website security | Comments Off on Lukt het om in te breken in de website van Massa Media?

Security risk analysis of address bar spoofing bug in Chrome and Opera

Posted on July 5, 2015 by Sijmen Ruwhof

On June 30, 2015 security researcher David Leo publicly disclosed a vulnerability in Google Chrome on the full disclosure mailing list. Via this vulnerability it is possible to spoof the location of the address bar in the latest version of … Continue reading

Posted in browser security, bug, phishing | Comments Off on Security risk analysis of address bar spoofing bug in Chrome and Opera