Aggregator

A Threat Actor Allegedly Leaked Data of Israel National Digital Agency

A vulnerability classified as problematic has been found in awstats 6.3/6.4. Affected is an unknown function of the file awstats.pl. The manipulation of the argument debug leads to information disclosure. This vulnerability is traded as CVE-2005-0438. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

“有效防御离不开对攻击手段的深入了解”

Matrix 首页推荐 Matrix 是少数派的写作社区，我们主张分享真实的产品体验，有实用价值的经验与思考。我们会不定期挑选 Matrix 最优质的文章，展示来自用户的最真实的体验和观点。文章代

天文学家在遥远星际气体和尘埃云中发现了一种含碳的大分子。研究报告发表在《科学》期刊上。研究结果表明，含碳和氢的复杂有机分子可能存在于形成太阳系的寒冷、黑暗气体云中，它们对了解地球生命的早期起源至关重要。该分子被称为芘(Pyrene），是一种多环芳烃（或缩写 PAH）。PAH 分子由碳原子环组成。碳化学是地球生命的支柱。星际介质含有大量的 PAH 早已众所周知，它们在地球碳基生命起源理论中占有重要地位。

ZAIDDOS Targeted the Website of Roblox

A vulnerability classified as problematic was found in Oracle SPARC Enterprise M3000, M4000, M5000, M8000 and M9000 up to XCP 111x. This vulnerability affects unknown code of the component XCP Firmware. The manipulation leads to improper input validation. This vulnerability was named CVE-2011-3368. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

DDOS TEAM ANONYMOUS Targeted the Website of National Transplant Center

Мастерство Tesla — скрыть правду за яркими представлениями.

A vulnerability was found in Trend Micro Interscan Viruswall up to 7.1. It has been classified as critical. Affected is an unknown function of the component SMTP Content Filter Engine. The manipulation leads to improper privilege management. This vulnerability is traded as CVE-2002-1121. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Cisco has added new security features that significantly mitigate brute-force and password spray attacks on Cisco ASA and Firepower Threat Defense (FTD), helping protect the network from breaches and reducing resource utilization on devices. [...]

A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. Affected is the function set_ipv6 of the file internet.cgi. The manipulation of the argument IPv6OpMode/IPv6IPAddr/IPv6WANIPAddr/IPv6GWAddr leads to command injection. This vulnerability is traded as CVE-2024-10429. It is possible to launch the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been rated as critical. This issue affects the function set_ipv6 of the file firewall.cgi. The manipulation of the argument dhcpGateway leads to command injection. The identification of this vulnerability is CVE-2024-10428. The attack may be initiated remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

henrymans0n Has Allegedly Leaked the Database of Aurat Foundation

Submit #427274 / VDB-281970

Submit #427272 / VDB-281969

A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /deleteanimal.php. The manipulation of the argument t1 leads to sql injection. This vulnerability was named CVE-2024-10427. The attack can be initiated remotely. Furthermore, there is an exploit available. The initial researcher advisory mentions the parameter "refno" to be affected. But further inspection indicates that the name of the affected parameter is "t1".

A vulnerability was found in Codezips Pet Shop Management System 1.0. It has been classified as critical. This affects an unknown part of the file /animalsadd.php. The manipulation of the argument id leads to sql injection. This vulnerability is uniquely identified as CVE-2024-10426. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The initial researcher advisory mentions the parameter "refno" to be affected. But further inspection indicates that the name of the affected parameter is "id".

A vulnerability was found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /student/project_selection/move_up_project.php of the component Project Selection Page. The manipulation of the argument up leads to sql injection. This vulnerability is handled as CVE-2024-10425. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Project Worlds Student Project Allocation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /student/project_selection/remove_project.php of the component Project Selection Page. The manipulation of the argument no leads to sql injection. This vulnerability is known as CVE-2024-10424. The attack can be launched remotely. Furthermore, there is an exploit available.