Black Hat Ethical Hacking
XSS Vulnerability in the “Get a Quote” form while bypassing WordFence and CloudFlare

Jun 24, 2025 | Articles, Free Premium Article

During an external penetration test, we uncovered a Cross-Site Scripting (XSS) vulnerability in the newly introduced “Get a Quote” form on the client’s website. This weakness allows malicious script injection via user input, which was not caught by existing defenses (including Wordfence and Cloudflare Web Application Firewall).

Oracle ILOM Compromise via EternalBlue

Jun 17, 2025 | Articles, Free Premium Article

During a penetration testing assessment, our team identified a critical exploitation chain affecting an enterprise network. The attack began by exploiting the EternalBlue vulnerability on an unpatched Windows server, allowing remote code execution.

Recent News

  • Freight Brokers Hit by RMM-Based Cyber Attacks Aimed at Physical Cargo Theft
    6 days ago
  • AdaptixC2: Open-Source C2 Tool Gains Traction with Ransomware-Linked Actors
    1 week ago
  • Nearly 76,000 WatchGuard Firebox Appliances Exposed — Critical IKEv2 RCE (CVE-2025-9242)
    3 weeks ago
  • LinkPro Rootkit: New eBPF-Backed GNU/Linux Backdoor Found in Compromised AWS Environments
    3 weeks ago
  • Pixnapping: New Android Side-Channel Steals 2FA Codes Pixel-by-Pixel
    4 weeks ago
  • ChaosBot: Rust Backdoor Uses Discord C2 — Chaos Ransomware Adds Destructive & Clipboard-Hijack Features
    4 weeks ago
  • Redis Fixes 13-Year-Old CVSS 10.0 “RediShell” Bug Allowing Remote Code Execution
    1 month ago
  • Crimson Collective Claims Red Hat GitLab Breach, 570GB Data Stolen
    1 month ago
  • CISA Adds Critical Sudo “chroot” Flaw to KEV
    1 month ago
  • Kali Linux 2025.3 released with 10 New Tools, Nexmon Wi-Fi Injection for Raspberry Pi and Vagrant Updates
    2 months ago

© Copyright 2025 • Black Hat Ethical Hacking • All rights reserved