Aggregator

真主党对讲机爆炸案后，韩国再次曝出大规模“恶意硬件”案件，数十万台销往全球市场的卫星接收器中暗藏DDoS攻击工具。

A vulnerability was found in code-projects Online Notice Board up to 1.0 and classified as critical. This issue affects some unknown processing of the file /registration.php of the component Profile Picture Handler. The manipulation of the argument img leads to unrestricted upload. The identification of this vulnerability is CVE-2024-12233. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #456529 / VDB-286981

A vulnerability has been found in code-projects Simple CRUD Functionality 1.0 and classified as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument newtitle/newdescr leads to cross site scripting. This vulnerability was named CVE-2024-12232. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #456519 / VDB-286980

1 天 1 个，OpenAI 将连发 12 款新产品；传苹果 AI 国内正式与百度合作；重建的巴黎圣母院本周开放 | 极客早知道

A vulnerability, which was classified as critical, was found in CodeZips Project Management System 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument email leads to sql injection. This vulnerability is uniquely identified as CVE-2024-12231. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #456458 / VDB-286979

A vulnerability, which was classified as critical, has been found in PHPGurukul Complaint Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/subcategory.php. The manipulation of the argument category leads to sql injection. This vulnerability is handled as CVE-2024-12230. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in PHPGurukul Complaint Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/complaint-search.php. The manipulation of the argument search leads to sql injection. This vulnerability is known as CVE-2024-12229. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in PHPGurukul Complaint Management System 1.0. Affected is an unknown function of the file /admin/user-search.php. The manipulation of the argument search leads to sql injection. This vulnerability is traded as CVE-2024-12228. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Submit #456069 / VDB-286978

派早报：多个平台发布年度榜单、Apple Intelligence 或将使用文心一言等

Microsoft says having a TPM is "non-negotiable" for Windows 11

Кибератаки на окружение экс-президента продолжаются.

2024-12-04 - AgentTesla variant using FTP

Submit #455060 / VDB-286977

Submit #456517 / VDB-286976

Submit #455065 / VDB-286975

Submit #455059 / VDB-286974