Aggregator

CVE-2007-6396 | Myupb Flat PHP Board up to 1.2 User Account index.php code injection (EDB-4705 / BID-26782)

Vuldb Updates
2 months 4 weeks ago
A vulnerability, which was classified as critical, has been found in Myupb Flat PHP Board up to 1.2. This issue affects some unknown processing of the file index.php of the component User Account. The manipulation leads to code injection. The identification of this vulnerability is CVE-2007-6396. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2007-6397 | Flat PHP Board 1.2 User Account index.php username path traversal (EDB-4705 / BID-26782)

Vuldb Updates
2 months 4 weeks ago
A vulnerability, which was classified as problematic, was found in Flat PHP Board 1.2. Affected is an unknown function of the file index.php of the component User Account. The manipulation of the argument username leads to path traversal. This vulnerability is traded as CVE-2007-6397. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2007-6405 | Sergey Lyubka HTTPD 1.34/1.35/1.38 CGI Program information disclosure (EDB-4700 / BID-26768)

Vuldb Updates
2 months 4 weeks ago
A vulnerability, which was classified as critical, has been found in Sergey Lyubka HTTPD 1.34/1.35/1.38. Affected by this issue is some unknown functionality of the component CGI Program. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2007-6405. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2007-6400 | PolDoc Poldoc Document Management System 0.96 download_file.php filename path traversal (EDB-4704 / XFDB-38937)

Vuldb Updates
2 months 4 weeks ago
A vulnerability was found in PolDoc Poldoc Document Management System 0.96. It has been classified as problematic. This affects an unknown part of the file download_file.php. The manipulation of the argument filename leads to path traversal. This vulnerability is uniquely identified as CVE-2007-6400. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2007-6292 | MWOpen E-Commerce 0/1.4 leggi_commenti.asp id sql injection (EDB-4697 / XFDB-38905)

Vuldb Updates
2 months 4 weeks ago
A vulnerability, which was classified as critical, has been found in MWOpen E-Commerce 0/1.4. Affected by this issue is some unknown functionality of the file leggi_commenti.asp. The manipulation of the argument id leads to sql injection. This vulnerability is handled as CVE-2007-6292. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

会议通知 | 2024第三届SCIC网络安全合规创新大会

嘶吼
2 months 4 weeks ago

“合规赋能 数智未来”为主题的2024第三届SCIC 网络安全合规创新大会将于2024年10月18日在北京召开。大会邀请政府部门、科研机构和行业领军企业的领导与专家,共话安全合规创新,赋能数智未来!诚邀莅临!

01会议背景

安全合规是国家网络安全建设的基础,亦是各行业落实网络安全工作的基本要求。随着国家层面安全保障和监管体系的不断升级,安全合规要求每年都在从不同角度研究制订更新和完善。

SCIC网络安全合规创新大会,旨在支持建立一个开放性、发展性、前瞻性的安全合规创新交流平台,持续跟进网络安全最新法律法规、标准要求,新趋势、新技术、新场景对网络安全合规工作的新要求、新演进;分享网络安全合规体系建设经验等,为各行各业在网络安全合规建设方面持续提供支持,助力新时代国家网络安全建设。

02主办单位

主办单位:中国信息协会信息安全专业委员会

承办单位:长春嘉诚信息技术股份有限公司

支持单位:华易数安科技(吉林省)有限公司、北京赛博英杰科技有限公司、北京数字世界咨询有限公司

03时间地点

时间:2024年10月18日

地点:北京

04会议主题

2024第三届SCIC网络安全合规创新大会以“合规赋能 数智未来”为主题,邀请来自政府部门、科研机构和行业领军企业的领导与专家,解读 2024 年网络安全领域重大政策法规;围绕数据合规数据赋能、供应链安全、商用密码应用安全、大模型网络安全等领域的最新合规要求,结合数字经济和人工智能的发展趋势,从政策法规、标准技术、应用方案等多方面展开深度交流与探讨。

企业资讯

CVE-2024-48937 | Znuny up to 6.5.1/6.5.10/7.0.1/7.0.16 Activity Dialogues SLA cross site scripting

VulDB Recent Entries
2 months 4 weeks ago
A vulnerability was found in Znuny up to 6.5.1/6.5.10/7.0.1/7.0.16. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Activity Dialogues. The manipulation of the argument SLA leads to cross site scripting. This vulnerability is known as CVE-2024-48937. The attack can be launched remotely. There is no exploit available.
vuldb.com

CVE-2024-35517 | Netgear XR1000 1.0.0.64 usb_remote_smb_conf.cgi share_name command injection

VulDB Recent Entries
2 months 4 weeks ago
A vulnerability was found in Netgear XR1000 1.0.0.64. It has been classified as critical. Affected is an unknown function of the file usb_remote_smb_conf.cgi. The manipulation of the argument share_name leads to command injection. This vulnerability is traded as CVE-2024-35517. The attack can only be done within the local network. There is no exploit available.
vuldb.com

CVE-2024-48786 | SwitchBot com.theswitchbot.switchbot 5.0.4 Firmware Update information disclosure

VulDB Recent Entries
2 months 4 weeks ago
A vulnerability has been found in SwitchBot com.theswitchbot.switchbot 5.0.4 and classified as problematic. This vulnerability affects unknown code of the component Firmware Update Handler. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-48786. The attack can be initiated remotely. There is no exploit available.
vuldb.com

CVE-2024-48778 | GIANT MANUFACTURING RideLink 2.0.7 Firmware Update information disclosure

VulDB Recent Entries
2 months 4 weeks ago
A vulnerability, which was classified as problematic, was found in GIANT MANUFACTURING RideLink 2.0.7. This affects an unknown part of the component Firmware Update Handler. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2024-48778. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com

CVE-2024-48769 | BURG-WCHTER de.burgwachter.keyapp.app 4.5.0 Firmware Update information disclosure

VulDB Recent Entries
2 months 4 weeks ago
A vulnerability, which was classified as problematic, has been found in BURG-WCHTER de.burgwachter.keyapp.app 4.5.0. Affected by this issue is some unknown functionality of the component Firmware Update Handler. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2024-48769. The attack may be launched remotely. There is no exploit available.
vuldb.com

Managed ad