Aggregator
Top 5 Mistakes SAQ A-EP Merchants Are Making in 2025 That Will Knock Them Out of PCI 4.0 Compliance
1 year 3 months ago
The post Top 5 Mistakes SAQ A-EP Merchants Are Making in 2025 That Will Knock Them Out of PCI 4.0 Compliance appeared first on Feroot Security.
The post Top 5 Mistakes SAQ A-EP Merchants Are Making in 2025 That Will Knock Them Out of PCI 4.0 Compliance appeared first on Security Boulevard.
mykola myroniuk
New Hacking Team
1 year 3 months ago
cohenido
Apos
1 year 3 months ago
cohenido
Apos
1 year 3 months ago
cohenido
Apos
1 year 3 months ago
cohenido
Apos
1 year 3 months ago
cohenido
Apos
1 year 3 months ago
cohenido
通过模糊测试收获$35,000赏金奖励
1 year 3 months ago
通过模糊测试收获$35,000赏金奖励
1 year 3 months ago
今天来分享一位全职白帽Abdullah Nawaf的故事, 目前他在BugCrowd中排名前 50,P1 漏洞排名 11,主要挖掘 P1 和 P2 漏洞。本文主要讲述了利用子域Fuzz,将多个漏洞组合
1-Month Update: Camming the lonely
1 year 3 months ago
Been camming for a month now, and here’s how it’s going: I’m average-looking, not in shape
El Dorado
1 year 3 months ago
cohenido
CVE-2025-0227 | Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) downLoad.html path information disclosure
1 year 3 months ago
A vulnerability, which was classified as problematic, was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). This affects an unknown part of the file /Logs/Annals/downLoad.html. The manipulation of the argument path leads to information disclosure.
This vulnerability is uniquely identified as CVE-2025-0227. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-0226 | Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) downLoad.html download path information disclosure
1 year 3 months ago
A vulnerability, which was classified as problematic, has been found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Affected by this issue is the function download of the file /collect/PortV4/downLoad.html. The manipulation of the argument path leads to information disclosure.
This vulnerability is handled as CVE-2025-0226. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-0225 | Tsinghua Unigroup Electronic Archives System 3.2.210802(62532) exampleDownload.html name path traversal
1 year 3 months ago
A vulnerability classified as problematic was found in Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). Affected by this vulnerability is an unknown functionality of the file /setting/ClassFy/exampleDownload.html. The manipulation of the argument name leads to path traversal: '/../filedir'.
This vulnerability is known as CVE-2025-0225. The attack can be launched remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #474266: Tsinghua Unigroup Software Systems Co., Ltd. Tsinghua Electronic Archives System 3.2.210802(62532) release File and Directory Information Exposure [Accepted]
1 year 3 months ago
Submit #474266 / VDB-290217
Submit #474265: Tsinghua Unigroup Software Systems Co., Ltd. Tsinghua Electronic Archives System 3.2.210802(62532) release File and Directory Information Exposure [Accepted]
1 year 3 months ago
Submit #474265 / VDB-290216
Submit #474264: Tsinghua Unigroup Software Systems Co., Ltd. Tsinghua Electronic Archives System 3.2.210802(62532) release File and Directory Information Exposure [Accepted]
1 year 3 months ago
Submit #474264 / VDB-290215
Zr.Ms. Tromp vertrokken voor bewaken veiligheid
1 year 3 months ago
Zr.Ms. Tromp is zojuist als vlaggenschip vertrokken uit Den Helder voor de Standing NATO Maritime Group 1 (SNMG1). Dit is 1 van de 4 NAVO-vlootverbanden die 24/7 beschikbaar is voor opdrachten van het bondgenootschap. SNMG1 opereert vooral in de Noordzee, Oostzee en de Atlantische Oceaan. Bijzonder is dat een Nederlandse commandant vrijwel heel 2025 de leiding heeft over de maritieme groep.
AWS introduced same RCE vulnerability three times in four years
1 year 3 months ago