Aggregator
CVE-2008-5330 | IBM Rational Clearquest up to 7.0.0 cross site scripting (EDB-32631 / XFDB-46983)
1 year 4 months ago
A vulnerability classified as problematic has been found in IBM Rational Clearquest up to 7.0.0. Affected is an unknown function. The manipulation leads to cross site scripting.
This vulnerability is traded as CVE-2008-5330. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-49294 | MagePeople Team Bus Ticket Booking with Seat Reservation Plugin up to 5.4.3 on WordPress cross-site request forgery
1 year 4 months ago
A vulnerability was found in MagePeople Team Bus Ticket Booking with Seat Reservation Plugin up to 5.4.3 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery.
This vulnerability is traded as CVE-2024-49294. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-51700 | 김 민준 NAVER Analytics Plugin up to 0.9 on WordPress cross site scripting
1 year 4 months ago
A vulnerability was found in 김 민준 NAVER Analytics Plugin up to 0.9 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2024-51700. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-12738 | reflectionmedia User Profile Builder Plugin up to 3.12.9 on WordPress cross site scripting
1 year 4 months ago
A vulnerability has been found in reflectionmedia User Profile Builder Plugin up to 3.12.9 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting.
This vulnerability is known as CVE-2024-12738. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-56293 | nasirahmed Advanced Form Integration Plugin up to 1.95.0 on WordPress cross site scripting
1 year 4 months ago
A vulnerability has been found in nasirahmed Advanced Form Integration Plugin up to 1.95.0 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting.
This vulnerability was named CVE-2024-56293. The attack can be initiated remotely. There is no exploit available.
vuldb.com
Beware of Fake BSOD Delivered by Malicious Python Script
1 year 4 months ago
A recently discovered Python script has been flagged as a potential cybersecurity threat due to its use of a clever anti-analysis trick. This script, which has a low detection rate on VirusTotal (4/59), uses the tkinter library to create a fake “Blue Screen of Death” (BSOD) graphical interface. The SHA256 hash of the script, which […]
The post Beware of Fake BSOD Delivered by Malicious Python Script appeared first on Cyber Security News.
Guru Baran
Android's New Feature Blocks Fraudsters from Sideloading Apps During Calls
1 year 4 months ago
Google is working on a new security feature for Android that blocks device owners from changing sensitive settings when a phone call is in progress.
Specifically, the in-call anti-scammer protections include preventing users from turning on settings to install apps from unknown sources and granting accessibility access. The development was first reported by Android Authority.
Users who attempt
The Hacker News
Court: UnitedHealth Must Answer for AI-Based Claim Denials
1 year 4 months ago
Lawsuit Alleges Insurer Used AI Tool in Denying Patients Medically Necessary Care
A proposed class action lawsuit against UnitedHealth Group, which claims the company's insurance unit UnitedHealthcare used artificial intelligence tools to deny Medicare Advantage claims for medically necessary care, has the green light to proceed from a federal judge.
A proposed class action lawsuit against UnitedHealth Group, which claims the company's insurance unit UnitedHealthcare used artificial intelligence tools to deny Medicare Advantage claims for medically necessary care, has the green light to proceed from a federal judge.
第三届阿里云CTF重磅来袭
1 year 4 months ago
比赛时间:2025.02.22 10:00-2025.02.23 22:00
PWN入门:异常变漏洞
1 year 4 months ago
看雪论坛作者ID:福建炒饭乡会
CVE-2024-56292 | wpdevelop Email Reminders Plugin up to 2.0.5 on WordPress cross site scripting
1 year 4 months ago
A vulnerability was found in wpdevelop Email Reminders Plugin up to 2.0.5 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting.
This vulnerability is known as CVE-2024-56292. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-56297 | dn88 Highlight Plugin up to 2.0.2 on WordPress cross site scripting
1 year 4 months ago
A vulnerability was found in dn88 Highlight Plugin up to 2.0.2 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2024-56297. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2024-56299 | Pektsekye Notify Odoo Plugin up to 1.0.0 on WordPress cross site scripting
1 year 4 months ago
A vulnerability classified as problematic has been found in Pektsekye Notify Odoo Plugin up to 1.0.0 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting.
This vulnerability is uniquely identified as CVE-2024-56299. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-56296 | Hometory Mang Board WP Plugin up to 1.8.4 on WordPress cross site scripting
1 year 4 months ago
A vulnerability, which was classified as problematic, has been found in Hometory Mang Board WP Plugin up to 1.8.4 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting.
The identification of this vulnerability is CVE-2024-56296. The attack may be initiated remotely. There is no exploit available.
vuldb.com
美国CISA将苹果iOS、iPadOS及Mitel SIP电话漏洞列入已知被利用漏洞目录
1 year 4 months ago
攻击者已利用这些漏洞进行“极其复杂”的针对性攻击,威胁敏感数据安全,问题紧迫性极高。
通过Sharp4XOMLLoader 执行XOML文件绕过安全防护
1 year 4 months ago
.NET 内网攻防实战电子报刊
1 year 4 months ago
.NET 总第 59 期红队武器库和资源汇总
1 year 4 months ago
CVE-2025-22261 | Pixelite WP FullCalendar Plugin up to 1.5 on WordPress cross site scripting
1 year 4 months ago
A vulnerability, which was classified as problematic, has been found in Pixelite WP FullCalendar Plugin up to 1.5 on WordPress. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting.
This vulnerability is handled as CVE-2025-22261. The attack may be launched remotely. There is no exploit available.
vuldb.com