Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Comments
Kid Hackers Bag Bug Bounties
Newest First  |  Oldest First  |  Threaded View
JamesG824
50%
50%
JamesG824,
User Rank: Apprentice
8/21/2013 | 5:09:25 PM
re: Kid Hackers Bag Bug Bounties
CyFi, I know I am old and behind the times. We are proud of you with your great knowledge of computers and white hat hacking. Keep up good work. Jim
KMBurnham
50%
50%
KMBurnham,
User Rank: Apprentice
8/20/2013 | 7:31:52 PM
re: Kid Hackers Bag Bug Bounties
Start them young. No better time to get them interested in tech.
OtherJimDonahue
50%
50%
OtherJimDonahue,
User Rank: Apprentice
8/20/2013 | 6:08:41 PM
re: Kid Hackers Bag Bug Bounties
"CyFi, 12, co-founder R00tz Asylum..."

God, I feel old.
David F. Carr
50%
50%
David F. Carr,
User Rank: Apprentice
8/20/2013 | 3:16:36 PM
re: Kid Hackers Bag Bug Bounties
Cool to see kids using their powers for good, rather than cheating on their homework


Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Enterprise Cybersecurity Plans in a Post-Pandemic World
Download the Enterprise Cybersecurity Plans in a Post-Pandemic World report to understand how security leaders are maintaining pace with pandemic-related challenges, and where there is room for improvement.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-20691
PUBLISHED: 2021-09-27
An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files.
CVE-2020-20692
PUBLISHED: 2021-09-27
GilaCMS v1.11.4 was discovered to contain a SQL injection vulnerability via the $_GET parameter in /src/core/controllers/cm.php.
CVE-2020-20693
PUBLISHED: 2021-09-27
A Cross-Site Request Forgery (CSRF) in GilaCMS v1.11.4 allows authenticated attackers to arbitrarily add administrator accounts.
CVE-2020-20695
PUBLISHED: 2021-09-27
A stored cross-site scripting (XSS) vulnerability in GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file.
CVE-2020-20696
PUBLISHED: 2021-09-27
A cross-site scripting (XSS) vulnerability in /admin/content/post of GilaCMS v1.11.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Tags field.