Black Hat Ethical Hacking
XSS Vulnerability in the “Get a Quote” form while bypassing WordFence and CloudFlare

Jun 24, 2025 | Articles, Free Premium Article

During an external penetration test, we uncovered a Cross-Site Scripting (XSS) vulnerability in the newly introduced “Get a Quote” form on the client’s website. This weakness allows malicious script injection via user input, and it was not caught by the existing defenses (including Wordfence and the Cloudflare Web Application Firewall).

Oracle ILOM Compromise via EternalBlue

Jun 17, 2025 | Articles, Free Premium Article

During a penetration testing assessment, our team identified a critical exploitation chain affecting an enterprise network. The attack began by exploiting the EternalBlue vulnerability on an unpatched Windows server, allowing remote code execution.

Recent News

  • State-Sponsored Attack Hijacks Notepad++ Update Infrastructure to Deliver Malware
    3 weeks ago
  • Fortinet Fixes Actively Exploited FortiOS SSO Auth Bypass
    4 weeks ago
  • CISA Flags Actively Exploited VMware vCenter RCE in KEV Catalog
    4 weeks ago
  • Reprompt Attack Lets Attackers Exfiltrate Data From Microsoft Copilot With a Single Click
    1 month ago
  • Node.js Fixes Critical DoS Flaw That Could Crash “Virtually Every Production App”
    1 month ago
  • Actively Exploited D-Link Router Flaw Enables Unauthenticated Remote Code Execution
    2 months ago
  • Kali Linux 2025.4 Released With 3 new tools, Desktop Overhauls, and Halloween Mode
    2 months ago
  • New Phishing Kits Automate MFA Bypass, AI Email Lures, and Bank Credential Theft at Scale
    2 months ago
  • Malicious VS Code Extensions Infect Developers With Infostealers and Session Hijackers
    3 months ago
  • React2Shell – Critical Bug Exposes React Server Components to Unauthenticated Remote Code Execution
    3 months ago

© Copyright 2026 • Black Hat Ethical Hacking • All rights reserved