Black Hat Ethical Hacking
XSS Vulnerability in the “Get a Quote” form while bypassing WordFence and CloudFlare

Jun 24, 2025 | Articles, Free Premium Article

During an external penetration test, we uncovered a Cross-Site Scripting (XSS) vulnerability in the newly introduced “Get a Quote” form on the client’s website. This weakness allows malicious script injection via user input, which was not caught by existing defenses (including Wordfence and the Cloudflare Web Application Firewall).

Oracle ILOM Compromise via EternalBlue

Jun 17, 2025 | Articles, Free Premium Article

During a penetration testing assessment, our team identified a critical exploitation chain affecting an enterprise network. The attack began by exploiting the EternalBlue vulnerability on an unpatched Windows server, allowing remote code execution.

Recent News

  • React2Shell – Critical Bug Exposes React Server Components to Unauthenticated Remote Code Execution

    14 hours ago
  • Researchers Infiltrate Lazarus Group’s “Famous Chollima” Job-Fraud Network Using Fake Developer Laptops

    2 days ago
  • Matrix Push C2 Emerges as Browser-Based C2 Platform Using Fake Notifications for Cross-Platform Attacks

    1 week ago
  • Sneaky2FA Phishing Kit Adds Browser-in-the-Browser (BitB) to Steal Microsoft 365 Sessions

    2 weeks ago
  • New ClickFix Campaign “EVALUSION” Deploys Amatera Stealer and NetSupport RAT

    2 weeks ago
  • Maverick Malware Campaign Expands: WhatsApp-Propagated Banking Trojan Linked to Coyote

    3 weeks ago
  • Hotel Managers Targeted by ClickFix Phishing – PureRAT Used to Harvest Booking.com Credentials

    3 weeks ago
  • Freight Brokers Hit by RMM-Based Cyber Attacks Aimed at Physical Cargo Theft

    1 month ago
  • AdaptixC2: Open-Source C2 Tool Gains Traction with Ransomware-Linked Actors

    1 month ago
  • Nearly 76,000 WatchGuard Firebox Appliances Exposed — Critical IKEv2 RCE (CVE-2025-9242)

    1 month ago

© Copyright 2025 • Black Hat Ethical Hacking • All rights reserved