Aggregator
New Ransomware Team
4 months 4 weeks ago
cohenido
Hunters
4 months 4 weeks ago
cohenido
Chort
4 months 4 weeks ago
cohenido
CVE-2018-8716 | WSO2 Identity Server up to 5.4.x Dashboard cross site scripting (ID 147330 / EDB-44531)
4 months 4 weeks ago
A vulnerability has been found in WSO2 Identity Server up to 5.4.x and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Dashboard. The manipulation leads to cross site scripting.
This vulnerability is known as CVE-2018-8716. The attack can be launched remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Chort
4 months 4 weeks ago
cohenido
Chort
4 months 4 weeks ago
cohenido
Chort
4 months 4 weeks ago
cohenido
Chort
4 months 4 weeks ago
cohenido
Chort
4 months 4 weeks ago
cohenido
Black Suit
4 months 4 weeks ago
cohenido
Black Suit
4 months 4 weeks ago
cohenido
CVE-2024-49039 | Microsoft Windows up to Server 2025 Task Scheduler improper authentication (Nessus ID 210863)
4 months 4 weeks ago
A vulnerability was found in Microsoft Windows and classified as very critical. This issue affects some unknown processing of the component Task Scheduler. The manipulation leads to improper authentication.
The identification of this vulnerability is CVE-2024-49039. The attack has to be carried out locally. Furthermore, there is an exploit available.
It is recommended to apply a patch to fix this issue.
vuldb.com
RansomHub
4 months 4 weeks ago
cohenido
CVE-2024-4577 RCE Exploit; PHP CGI Argument Injection
4 months 4 weeks ago
Dark Web Informer
RansomHub
4 months 4 weeks ago
cohenido
DEF CON 32 – Manipulating Shim And Office For Code Injection
4 months 4 weeks ago
Authors/Presenters: Ron Ben-Yizhak, David Shandalov
Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization’s YouTube channel.
The post DEF CON 32 – Manipulating Shim And Office For Code Injection appeared first on Security Boulevard.
Marc Handelman
Botnet exploits GeoVision zero-day to install Mirai malware
4 months 4 weeks ago
A malware botnet is exploiting a zero-day vulnerability in end-of-life GeoVision devices to compromise and recruit them for likely DDoS or cryptomining attacks. [...]
Bill Toulas
CVE-2008-6535 | Paypalestores PayPal eStores Access Restriction admin/settings.php NewAdmin access control (EDB-7367 / XFDB-47203)
4 months 4 weeks ago
A vulnerability, which was classified as critical, was found in Paypalestores PayPal eStores. Affected is an unknown function of the file admin/settings.php of the component Access Restriction. The manipulation of the argument NewAdmin leads to improper access controls.
This vulnerability is traded as CVE-2008-6535. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2008-5565 | Dinkumsoft DL PayCart up to 1.34 cross-site request forgery (EDB-7365 / SA33038)
4 months 4 weeks ago
A vulnerability classified as critical has been found in Dinkumsoft DL PayCart up to 1.34. This affects an unknown part. The manipulation leads to cross-site request forgery.
This vulnerability is uniquely identified as CVE-2008-5565. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com