βΌ CVE-2023-23590 βΌ
π Read
via "National Vulnerability Database".
Mercedes-Benz XENTRY Retail Data Storage 7.8.1 allows remote attackers to cause a denial of service (device restart) via an unauthenticated API request. The attacker must be on the same network as the device.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0303 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Online Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file view_prod.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-218384.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0304 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical has been found in SourceCodester Online Food Ordering System. This affects an unknown part of the file admin_class.php of the component Signup Module. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-218385 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0305 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as critical was found in SourceCodester Online Food Ordering System. This vulnerability affects unknown code of the file admin_class.php of the component Login Module. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-218386 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2015-10049 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Overdrive EletrΓΒ΄nica course-builder up to 1.7.x and classified as problematic. Affected by this issue is some unknown functionality of the file coursebuilder/modules/oeditor/oeditor.html. The manipulation leads to cross site scripting. The attack may be launched remotely. Upgrading to version 1.8.0 is able to address this issue. The name of the patch is e39645fd714adb7e549908780235911ae282b21b. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-218372.π Read
via "National Vulnerability Database".
βΌ CVE-2015-10051 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, has been found in bony2023 Discussion-Board. Affected by this issue is the function display_all_replies of the file functions/main.php. The manipulation of the argument str leads to sql injection. The name of the patch is 26439bc4c63632d63ba89ebc0f149b25a9010361. It is recommended to apply a patch to fix this issue. VDB-218378 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2015-10050 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in brandonfire miRNA_Database_by_PHP_MySql. It has been declared as critical. This vulnerability affects the function __construct/select_single_rna/count_rna of the file inc/model.php. The manipulation leads to sql injection. The name of the patch is 307c5d510841e6142ddcbbdbb93d0e8a0dc3fd6a. It is recommended to apply a patch to fix this issue. VDB-218374 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0314 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.10.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0310 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0311 βΌ
π Read
via "National Vulnerability Database".
Improper Authentication in GitHub repository thorsten/phpmyfaq prior to 3.1.10.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0307 βΌ
π Read
via "National Vulnerability Database".
Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.10.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0306 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0312 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0309 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0313 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0308 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.10.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-0315 βΌ
π Read
via "National Vulnerability Database".
Command Injection in GitHub repository froxlor/froxlor prior to 2.0.8.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0316 βΌ
π Read
via "National Vulnerability Database".
Path Traversal: '\..\filename' in GitHub repository froxlor/froxlor prior to 2.0.0.π Read
via "National Vulnerability Database".
βΌ CVE-2022-4890 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, has been found in abhilash1985 PredictApp. This issue affects some unknown processing of the file config/initializers/new_framework_defaults_7_0.rb of the component Cookie Handler. The manipulation leads to deserialization. The attack may be initiated remotely. The name of the patch is b067372f3ee26fe1b657121f0f41883ff4461a06. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-218387.π Read
via "National Vulnerability Database".
ποΈ Squaring the CircleCI: DevOps platform publishes post-mortem on recent breach ποΈ
π Read
via "The Daily Swig".
How the build pipeline was compromisedπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Squaring the CircleCI: DevOps platform publishes post-mortem on recent breach
How the build pipeline was compromised
β Multi-million investment scammers busted in four-country Europol raid β
π Read
via "Naked Security".
216 questioned, 15 arrested, 4 fake call centres searched, millions seized...π Read
via "Naked Security".
Naked Security
Multi-million investment scammers busted in four-country Europol raid
216 questioned, 15 arrested, 4 fake call centres searched, millions seizedβ¦
π1