βΌ CVE-2022-48085 βΌ
π Read
via "National Vulnerability Database".
Softr v2.0 was discovered to contain a HTML injection vulnerability via the Work Space Name parameter.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-0679 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file removeUser.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-220220.π Read
via "National Vulnerability Database".
βΌ CVE-2022-48164 βΌ
π Read
via "National Vulnerability Database".
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials.π Read
via "National Vulnerability Database".
βΌ CVE-2022-45722 βΌ
π Read
via "National Vulnerability Database".
ezEIP v5.3.0(0649) was discovered to contain a cross-site scripting (XSS) vulnerability.π Read
via "National Vulnerability Database".
β Finnish psychotherapy extortion suspect arrested in France β
π Read
via "Naked Security".
Company transcribed ultra-personal conversations, didn't secure them. Criminal stole them, then extorted thousands of vulnerable patients.π Read
via "Naked Security".
Naked Security
Finnish psychotherapy extortion suspect arrested in France
Company transcribed ultra-personal conversations, didnβt secure them. Criminal stole them, then extorted thousands of vulnerable patients.
ποΈ Google engineers plot to mitigate prototype pollution ποΈ
π Read
via "The Daily Swig".
Plan to create boundary between JavaScript objects and their blueprints gathers momentumπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Google engineers plot to mitigate prototype pollution
Plan to create boundary between JavaScript objects and their blueprints gathers momentum
π GNUnet P2P Framework 0.19.3 π
π Read
via "Packet Storm Security".
GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP (IPv4 and IPv6), TCP (IPv4 and IPv6), HTTP, or SMTP messages. GNUnet supports accounting to provide contributing nodes with better service. The primary service build on top of the framework is anonymous file sharing.π Read
via "Packet Storm Security".
Packetstormsecurity
GNUnet P2P Framework 0.19.3 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
βΌ CVE-2023-24200 βΌ
π Read
via "National Vulnerability Database".
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at save_ticket.php.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24192 βΌ
π Read
via "National Vulnerability Database".
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in login.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-48078 βΌ
π Read
via "National Vulnerability Database".
pycdc commit 44a730f3a889503014fec94ae6e62d8401cb75e5 was discovered to contain a stack overflow via the component ASTree.cpp:BuildFromCode.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24198 βΌ
π Read
via "National Vulnerability Database".
Raffle Draw System v1.0 was discovered to contain multiple SQL injection vulnerabilities at save_winner.php via the ticket_id and draw parameters.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24197 βΌ
π Read
via "National Vulnerability Database".
Online Food Ordering System v2 was discovered to contain a SQL injection vulnerability via the id parameter at view_order.php.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24202 βΌ
π Read
via "National Vulnerability Database".
Raffle Draw System v1.0 was discovered to contain a local file inclusion vulnerability via the page parameter in index.php.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24194 βΌ
π Read
via "National Vulnerability Database".
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in navbar.php.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-24195 βΌ
π Read
via "National Vulnerability Database".
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the page parameter in index.php.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24191 βΌ
π Read
via "National Vulnerability Database".
Online Food Ordering System v2 was discovered to contain a cross-site scripting (XSS) vulnerability via the redirect parameter in signup.php.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24276 βΌ
π Read
via "National Vulnerability Database".
TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection vulnerability via the country parameter at setting/delStaticDhcpRules.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24201 βΌ
π Read
via "National Vulnerability Database".
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at get_ticket.php.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24199 βΌ
π Read
via "National Vulnerability Database".
Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at delete_ticket.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-48019 βΌ
π Read
via "National Vulnerability Database".
The components wfshbr64.sys and wfshbr32.sys in Another Eden before v3.0.20 and before v2.14.200 allows attackers to perform privilege escalation via a crafted payload.π Read
via "National Vulnerability Database".
β Tracers in the Dark: The Global Hunt for the Crime Lords of Crypto β
π Read
via "Naked Security".
Hear renowned cybersecurity author Andy Greenberg's thoughtful commentary about the "war on crypto" as we talk to him about his new book...π Read
via "Naked Security".
Naked Security
Tracers in the Dark: The Global Hunt for the Crime Lords of Crypto
Hear renowned cybersecurity author Andy Greenbergβs thoughtful commentary about the βwar on cryptoβ as we talk to him about his new bookβ¦