Aggregator

A vulnerability was found in SEMCMS 1.1. It has been classified as critical. Affected is an unknown function of the file Ant_Global.php. The manipulation leads to sql injection. This vulnerability is traded as CVE-2021-38736. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in SEMCMS 1.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file Ant_Pro.php. The manipulation leads to sql injection. This vulnerability is known as CVE-2021-38737. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Hospital Management System 4.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /hospital/hms/admin/patient-search.php. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2021-35388. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Employee Record Management System 1.2. This affects an unknown part of the file editempprofile.php. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2021-37781. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in SEMCMS 1.1. Affected by this vulnerability is an unknown functionality of the file Ant_Plist.php. The manipulation leads to sql injection. This vulnerability is known as CVE-2021-38729. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic has been found in SEMCMS Shop 1.1. Affected is an unknown function of the file Ant_M_Coup.php. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2021-38728. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

特朗普政府或拟取消拜登时代的 AI 芯片限制； OpenAI 计划大幅降低与微软的收入分成比例； 迪士尼将在阿布扎比设立首个中东主题乐园

特朗普政府或拟取消拜登时代的 AI 芯片限制； OpenAI 计划大幅降低与微软的收入分成比例； 迪士尼将在阿布扎比设立首个中东主题乐园

The LockBit ransomware gang has suffered a data breach after its dark web affiliate panels were defaced and replaced with a message linking to a MySQL database dump. [...]

WELA (Windows Event Log Analyzer) Yamato Security’s WELA(Windows Event Log Analyzer) aims to be the Swiss Army knife for Windows event logs. Currently, WELA’s greatest functionality is creating an easy-to-analyze logon timeline in order...

The post WELA: Windows Event Log Analyzer appeared first on Penetration Testing Tools.

Japan is being peppered with an overwhelming volume of spam, thanks to a new platform popular across the East China Sea.

灾备能力建设是企业信息化和数字化转型成功的重要保障。

灾备能力建设是企业信息化和数字化转型成功的重要保障。

灾备能力建设是企业信息化和数字化转型成功的重要保障。

A vulnerability has been found in Mitel MiCollab up to 9.5.0.101 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Web Conferencing. The manipulation leads to unrestricted upload. This vulnerability is known as CVE-2022-36452. The attack needs to be done within the local network. There is no exploit available.

A vulnerability was found in Mitel MiCollab up to 9.5.0.101 and classified as critical. Affected by this issue is some unknown functionality of the component Client API. The manipulation leads to improper authorization. This vulnerability is handled as CVE-2022-36453. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in Mitel MiCollab up to 9.5.0.101. It has been classified as critical. This affects an unknown part of the component Client API. The manipulation leads to improper authorization. This vulnerability is uniquely identified as CVE-2022-36454. Access to the local network is required for this attack. There is no exploit available.

A vulnerability was found in Brocade Fabric OS up to 8.x. It has been rated as critical. This issue affects some unknown processing of the component Radius Authentication System. The manipulation leads to improper authentication. The identification of this vulnerability is CVE-2022-33178. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in F-Secure Policy Manager up to 2022-08-10. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2022-38162. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in SourceCodester School Activity Updates with SMS Notification 1.0. Affected by this issue is some unknown functionality of the file /modules/announcement/index.php?view=edit. The manipulation of the argument ID leads to sql injection. This vulnerability is handled as CVE-2022-39976. The attack may be launched remotely. There is no exploit available.