βΌ CVE-2022-32983 βΌ
π Read
via "National Vulnerability Database".
Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22317 βΌ
π Read
via "National Vulnerability Database".
IBM Curam Social Program Management 8.0.0 and 8.0.1 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 218281.π Read
via "National Vulnerability Database".
π΄ Feds Take Down Russian 'RSOCKS' Botnet π΄
π Read
via "Dark Reading".
RSOCKS commandeered millions of devices in order to offer proxy services used to mask malicious traffic.π Read
via "Dark Reading".
Dark Reading
Feds Take Down Russian 'RSOCKS' Botnet
RSOCKS commandeered millions of devices in order to offer proxy services used to mask malicious traffic.
π΄ Capital One Attacker Exploited Misconfigured AWS Databases π΄
π Read
via "Dark Reading".
After bragging in underground forums, the woman who stole 100 million credit applications from Capital One has been found guilty.π Read
via "Dark Reading".
Dark Reading
Capital One Attacker Exploited Misconfigured AWS Databases
After bragging in underground forums, the woman who stole 100 million credit applications from Capital One has been found guilty.
βΌ CVE-2017-20065 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Supsystic Popup Plugin 1.7.6 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20066 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in Adminer Login 1.4.4 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to improper access controls. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31062 βΌ
π Read
via "National Vulnerability Database".
### Impact A plugin public script can be used to read content of system files. ### Patches Upgrade to version 1.0.2. ### Workarounds `b/deploy/index.php` file can be deleted if deploy feature is not used.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20074 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Hindu Matrimonial Script and classified as critical. Affected by this issue is some unknown functionality of the file /admin/newsletter1.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20079 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical was found in Hindu Matrimonial Script. Affected by this vulnerability is an unknown functionality of the file /admin/photo.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20077 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Hindu Matrimonial Script. It has been rated as critical. This issue affects some unknown processing of the file /admin/success_story.php. The manipulation leads to improper privilege management. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20076 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Hindu Matrimonial Script. It has been declared as critical. This vulnerability affects unknown code of the file /admin/searchview.php. The manipulation leads to improper privilege management. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20067 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Hindu Matrimonial Script. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20070 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical was found in Hindu Matrimonial Script. This vulnerability affects unknown code of the file /admin/communitymanagement.php. The manipulation leads to improper privilege management. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20068 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Hindu Matrimonial Script. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/usermanagement.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20072 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, was found in Hindu Matrimonial Script. Affected is an unknown function of the file /admin/generalsettings.php. The manipulation leads to improper privilege management. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20073 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in Hindu Matrimonial Script and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/cms.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31801 βΌ
π Read
via "National Vulnerability Database".
An unauthenticated, remote attacker could upload malicious logic to the devices based on ProConOS/ProConOS eCLR in order to gain full control over the device.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20080 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, has been found in Hindu Matrimonial Script. Affected by this issue is some unknown functionality of the file /admin/googleads.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23072 βΌ
π Read
via "National Vulnerability Database".
In Recipes, versions 1.0.5 through 1.2.5 are vulnerable to Stored Cross-Site Scripting (XSS), in Γ’β¬ΕAdd to CartΓ’β¬οΏ½ functionality. When a victim accesses the food list page, then adds a new Food with a malicious javascript payload in the Γ’β¬ΛNameΓ’β¬β’ parameter and clicks on the Add to Shopping Cart icon, an XSS payload will trigger. A low privileged attacker will have the victim's API key and can lead to admin's account takeover.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20075 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Hindu Matrimonial Script. It has been classified as critical. This affects an unknown part of the file /admin/payment.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23073 βΌ
π Read
via "National Vulnerability Database".
In Recipes, versions 1.0.5 through 1.2.5 are vulnerable to Stored Cross-Site Scripting (XSS), in copy to clipboard functionality. When a victim accesses the food list page, then adds a new Food with a malicious javascript payload in the Γ’β¬ΛNameΓ’β¬β’ parameter and clicks on the clipboard icon, an XSS payload will trigger. A low privileged attacker will have the victim's API key and can lead to admin's account takeover.π Read
via "National Vulnerability Database".