βΌ CVE-2023-22704 βΌ
π Read
via "National Vulnerability Database".
Reflected Cross-Site Scripting (XSS) vulnerability in Michael Winkler teachPress plugin <= 8.1.8 versions.π Read
via "National Vulnerability Database".
π΄ Just 1% of Nonprofit Domains Have Basic DMARC Email Security Protections π΄
π Read
via "Dark Reading".
DMARC blocks spam and phishing emails sent from spoofed domains, and it's vastly underutilized, a new report says.π Read
via "Dark Reading".
Dark Reading
Just 1% of Nonprofit Domains Have Basic DMARC Email Security Protections
DMARC blocks spam and phishing emails sent from spoofed domains, and it's vastly underutilized, a new report says.
βΌ CVE-2023-28422 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce <= 3.8.6. versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-4224 βΌ
π Read
via "National Vulnerability Database".
In multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device.π Read
via "National Vulnerability Database".
π΄ Okta Post-Exploitation Method Exposes User Passwords π΄
π Read
via "Dark Reading".
Accidentally typing a password in the username field of the platform saves them to audit logs, to which threat actors can gain access and use to compromise enterprise services.π Read
via "Dark Reading".
Dark Reading
Okta Post-Exploitation Method Exposes User Passwords
Accidentally typing a password in the username field of the platform saves them to audit logs, to which threat actors can gain access and use to compromise enterprise services.
β Windows 11 also vulnerable to βaCropalypseβ image data leakage β
π Read
via "Naked Security".
Turns out that the Windows 11 Snipping Tool has the same "aCropalypse" data leakage bug as Pixel phones. Here's how to work around the problem...π Read
via "Naked Security".
Naked Security
Windows 11 also vulnerable to βaCropalypseβ image data leakage
Turns out that the Windows 11 Snipping Tool has the same βaCropalypseβ data leakage bug as Pixel phones. Hereβs how to work around the problemβ¦
βΌ CVE-2023-23728 βΌ
π Read
via "National Vulnerability Database".
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Winwar Media WP Flipclock plugin <= 1.7.4 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-28491 βΌ
π Read
via "National Vulnerability Database".
TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 contains a command injection vulnerability in the NTPSyncWithHost function via the host_name parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27079 βΌ
π Read
via "National Vulnerability Database".
Command Injection vulnerability found in Tenda G103 v.1.0.05 allows an attacker to obtain sensitive information via a crafted packageπ Read
via "National Vulnerability Database".
βΌ CVE-2023-23864 βΌ
π Read
via "National Vulnerability Database".
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Michael Aronoff Very Simple Google Maps plugin <= 2.8.4 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-28492 βΌ
π Read
via "National Vulnerability Database".
TOTOLINK Technology CPE with firmware V6.3c.566 ,allows remote attackers to bypass Login.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23722 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Winwar Media WP eBay Product Feeds plugin <= 3.3.1 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22712 βΌ
π Read
via "National Vulnerability Database".
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in TemplatesNext TemplatesNext ToolKit plugin <= 3.2.7 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22716 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Cross-Site Scripting vulnerability in OOPSpam OOPSpam Anti-Spam plugin <= 1.1.35 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27078 βΌ
π Read
via "National Vulnerability Database".
A command injection issue was found in TP-Link MR3020 v.1_150921 that allows a remote attacker to execute arbitrary commands via a crafted request to the tftp endpoint.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27077 βΌ
π Read
via "National Vulnerability Database".
Stack Overflow vulnerability found in 360 D901 allows a remote attacker to cause a Distributed Denial of Service (DDOS) via a crafted HTTP package.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22702 βΌ
π Read
via "National Vulnerability Database".
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in WPMobile.App WPMobile.App Γ’β¬β Android and iOS Mobile Application plugin <= 11.13 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47589 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in this.Functional CTT Expresso para WooCommerce plugin <= 3.2.11 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-28493 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in TOTOLINK CP900 V6.3c.566 allows attackers to start the Telnet service,π Read
via "National Vulnerability Database".
βΌ CVE-2023-28772 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27135 βΌ
π Read
via "National Vulnerability Database".
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg.π Read
via "National Vulnerability Database".