Aggregator

A vulnerability has been found in NCR Terminal Handler 1.5.1 and classified as critical. Affected by this vulnerability is the function grantRolesToUsers/grantRolesToGroups/grantRolesToOrganization of the component SOAP API. The manipulation leads to improper access controls. This vulnerability is known as CVE-2023-47031. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in oatpp Oat++ up to 1.3.1. It has been declared as critical. This vulnerability affects the function deserializeArray of the file src/oatpp/json/Deserializer.cpp. The manipulation leads to stack-based buffer overflow. This vulnerability was named CVE-2025-6566. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in PHPGurukul Hospital Management System 4.0. Affected by this issue is some unknown functionality of the file /doctor/search.php. The manipulation of the argument searchdata leads to sql injection. This vulnerability is handled as CVE-2025-6570. The attack may be launched remotely. Furthermore, there is an exploit available.

HackerNews 编译，转载请注明出处： 据观察，不明攻击者正针对暴露公网的Microsoft Exchange服务器发起定向攻击，通过向登录页面注入恶意代码窃取用户凭证。网络安全供应商Positive Technologies在最新分析报告中表示，他们在Outlook登录页面上发现了两种用JavaScript编写的键盘记录器代码变体： • 本地存储型：将窃取的凭证写入服务器上可通过互联网访问的本地文件 • 实时外传型：将收集的数据立即发送至外部服务器 该俄罗斯网络安全公司证实，此次攻击已针对全球26个国家的65个机构，这是2024年5月首次记录的针对非洲和中东实体攻击活动的延续。此前该公司发现至少30名机构受害者，涵盖政府机构、银行、IT公司和教育机构，首次入侵证据可追溯至2021年。 攻击链利用Microsoft Exchange Server中的已知漏洞（例如ProxyShell）向登录页面插入键盘记录代码。目前这些攻击的幕后黑手尚未明确。已被武器化的漏洞包括： • CVE-2014-4078：IIS安全功能绕过漏洞 • CVE-2020-0796：Windows SMBv3客户端/服务器远程代码执行漏洞 • CVE-2021-26855、CVE-2021-26857、CVE-2021-26858、CVE-2021-27065：Microsoft Exchange Server远程代码执行漏洞（ProxyLogon） • CVE-2021-31206：Microsoft Exchange Server远程代码执行漏洞 • CVE-2021-31207、CVE-2021-34473、CVE-2021-34523：Microsoft Exchange Server安全功能绕过漏洞（ProxyShell） 安全研究人员Klimentiy Galkin和Maxim Suslov指出：恶意JavaScript代码读取并处理身份验证表单的数据，通过XHR请求将其发送至受感染Exchange Server上的特定页面。目标页面的源代码包含处理函数，该函数读取传入请求并将数据写入服务器文件。 包含被盗数据的文件可通过外部网络访问。部分本地键盘记录器变种还会收集用户Cookie、User-Agent字符串及时间戳。这种方法的核心优势在于：由于无需建立外联流量传输数据，检测概率趋近于零。 Positive Technologies发现的第二种变体则通过XHR GET请求，将编码后的登录名和密码分别存储在APIKey与AuthToken标头中，利用Telegram机器人作为渗透点；另一种方法结合域名系统（DNS）隧道与HTTPS POST请求发送用户凭证，突破组织防御体系。 受感染的服务器中有22台位于政府机构，其次是IT、工业和物流公司。越南、俄罗斯、中国大陆、中国台湾、巴基斯坦、黎巴嫩、澳大利亚、赞比亚、荷兰和土耳其位列前十大目标。 研究人员强调：大量可通过互联网访问的Exchange服务器仍易受旧漏洞攻击。通过将恶意代码嵌入合法认证页面，攻击者得以长期潜伏，同时直接获取明文凭证。       消息来源： thehackernews； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability was found in Sp Project and Document Manager up to 2.4.1. It has been declared as critical. This vulnerability affects the function remove_cat. The manipulation of the argument ID leads to sql injection. This vulnerability was named CVE-2014-9178. The attack can be initiated remotely. Furthermore, there is an exploit available.

HackerNews 编译，转载请注明出处： 西门子公司周二告知客户，其正与微软合作解决Microsoft Defender防病毒软件（MDAV）与Simatic PCS工业控制系统间的兼容性问题。根据该工业巨头发布的安全通告，核心问题在于Defender当前缺乏“仅警报”功能。 西门子在Simatic PCS 7及PCS Neo过程控制系统的技术文档中，曾建议通过配置Defender实现威胁分级警报——即在检测到特定级别威胁时不自动处置，仅触发告警。但实际运行中存在两类风险： 静默忽略风险 若将威胁响应设为“忽略”，不仅不会采取行动，系统甚至不会向工厂操作员和管理员发送任何警报，导致恶意软件潜伏未被察觉。 误删关键文件风险 若采用其他设置，Defender可能直接删除或隔离被标记为潜在威胁的文件（包括误报文件）。当系统依赖这些文件运行时，将引发生产中断。西门子在通告中强调：“受影响的设备可能完全失效，导致工厂丧失监控与控制能力。” 在微软提供解决方案前，西门子建议客户执行以下应急措施： 风险评估决策：企业需权衡选择——优先接收感染警报（可能面临误报干扰），或容忍文件误删风险（保障系统连续性）。 设备集群化管理：对受影响设备进行分组，根据各组功能重要性配置差异化的Defender策略。       消息来源： securityweek； 本文由 HackerNews.cc 翻译整理，封面来源于网络； 转载请注明“转自 HackerNews.cc”并附上原文

A vulnerability was found in Buttercup Wfm May-2007. It has been declared as problematic. This vulnerability affects unknown code of the file index.php. The manipulation of the argument Title leads to basic cross site scripting. This vulnerability was named CVE-2007-3049. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Campcodes Online Teacher Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit-teacher-detail.php. The manipulation of the argument editid leads to sql injection. This vulnerability is known as CVE-2025-6405. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Campcodes Online Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /hms/forgot-password.php. The manipulation of the argument fullname leads to sql injection. This vulnerability is handled as CVE-2025-6406. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Campcodes Online Hospital Management System 1.0. This affects an unknown part of the file /user-login.php. The manipulation of the argument Username leads to sql injection. This vulnerability is uniquely identified as CVE-2025-6407. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Campcodes Online Hospital Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /doctor/search.php. The manipulation of the argument searchdata leads to sql injection. This vulnerability was named CVE-2025-6408. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in code-projects Simple Online Hotel Reservation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit_query_account.php. The manipulation of the argument Name leads to sql injection. This vulnerability is handled as CVE-2025-6418. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Zimbra Collaboration Suite 8.8.15/9.0/10.0/10.1. It has been rated as problematic. This issue affects some unknown processing of the component Classic UI. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2025-48700. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in NCR ITM Web Terminal 4.4.0/4.4.4. It has been declared as critical. This vulnerability affects unknown code of the component IP Camera URL Component. The manipulation leads to code injection. This vulnerability was named CVE-2023-48978. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in NCR Terminal Handler 1.5.1. It has been classified as problematic. This affects an unknown part of the component SOAP API Endpoint. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2023-47298. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as critical was found in NCR Terminal Handler 1.5.1. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation leads to command injection. This vulnerability is known as CVE-2023-47297. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability, which was classified as critical, was found in NCR Terminal Handler 1.5.1. This affects an unknown part of the component Text Field Handler. The manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2023-47295. The attack can only be done within the local network. There is no exploit available.

A vulnerability was found in NCR Terminal Handler 1.5.1. It has been rated as critical. This issue affects some unknown processing of the component UserService SOAP API. The manipulation leads to code injection. The identification of this vulnerability is CVE-2023-47032. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in JetBrains TeamCity. This affects an unknown part of the component NPM Registry Integration. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-52879. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Beakon Learning Management System Sharable Content Object Reference Model up to 5.4.2 and classified as critical. Affected by this issue is some unknown functionality of the file json_scorm.php. The manipulation of the argument ks leads to sql injection. This vulnerability is handled as CVE-2025-46101. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.