Aggregator

A Threat Actor is Allegedly Selling VPN Access to an Unidentified German IT Corp

CornDB Claims to be Selling Data to an Unidentified Global Health Company

由

Rey Has Allegedly Leaked the Data of The District Department of Transportation

A Threat Actor Allegedly Leaked the Database of Government of Chubut

CornDB Has Allegedly Leaked the Data of Sofal Synergy

el_farado Has Claimed to Have Leaked the Data of X-Cart

A vulnerability, which was classified as critical, has been found in eNMS up to 4.2. Affected by this issue is the function multiselect_filtering of the file eNMS/controller.py of the component TGZ File Handler. The manipulation leads to path traversal. This vulnerability is handled as CVE-2024-11664. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

Submit #447375 / VDB-285986

Submit #447374 / VDB-285986

A vulnerability classified as critical was found in Codezips E-Commerce Site 1.0. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument keywords leads to sql injection. This vulnerability is known as CVE-2024-11663. The attack can be launched remotely. Furthermore, there is an exploit available.

STIIIZY Has Gone Up in Smoke to Everest Ransomware

A vulnerability classified as critical has been found in virtualenv up to 20.26.5. Affected is an unknown function of the component Activation Script Handler. The manipulation leads to command injection. This vulnerability is traded as CVE-2024-53899. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Hospital Management System 4.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /Hospital-Management-System-master/func.php. The manipulation of the argument email leads to sql injection. This vulnerability is known as CVE-2022-24263. The attack can be launched remotely. Furthermore, there is an exploit available.

Submit #447297 / VDB-285985

RipperSec Targeted the Website of Betfair Casino

Meta announced that it has taken down 2 million accounts across its platforms since the beginning of the year that are linked to pig butchering and other scams. [...]