7 Cool Cyberattack and Audit Tools to be Highlighted at Black Hat Europe

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database CVE-2020-24441
PUBLISHED: 2020-11-12

Adobe Acrobat Reader for Android version 20.6.2 (and earlier) does not properly restrict access to directories created by the application. This could result in disclosure of sensitive information stored in databases used by the application. Exploitation requires a victim to download and run a malici…

CVE-2020-24442
PUBLISHED: 2020-11-12

Adobe Connect version 11.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.

CVE-2020-24443
PUBLISHED: 2020-11-12

Adobe Connect version 11.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim’s browser.

CVE-2020-27481
PUBLISHED: 2020-11-12

An unauthenticated SQL Injection vulnerability in Good Layers LMS Plugin <= 2.1.4 exists due to the usage of "wp_ajax_nopriv" call in WordPress, which allows any unauthenticated user to get access to the function "gdlr_lms_cancel_booking" where POST Parameter "id" wa…

CVE-2020-9128
PUBLISHED: 2020-11-12

FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with high permissions can exploit this vulnerability to cause information leak.