Aggregator

A vulnerability, which was classified as critical, has been found in Flor De Utopia WorkingOnWeb 2.0.1400. Affected by this issue is some unknown functionality of the file events.php. The manipulation of the argument idevent leads to sql injection. This vulnerability is handled as CVE-2007-6128. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Irola My-Time 3.5 and classified as critical. Affected by this issue is some unknown functionality of the file login.asp of the component Login. The manipulation leads to sql injection. This vulnerability is handled as CVE-2007-6217. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Amber Script 1.0. This affects an unknown part of the file show_content.php. The manipulation of the argument id leads to improper input validation. This vulnerability is uniquely identified as CVE-2007-6129. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as very critical, has been found in Apple QuickTime. Affected by this issue is some unknown functionality of the component RTSP Handler. The manipulation as part of Content-Type Header leads to memory corruption. This vulnerability is handled as CVE-2007-6166. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to disable the affected component.

A vulnerability was found in Mp3 ToolBox 1.0 Beta 5. It has been declared as critical. This vulnerability affects unknown code of the file index.php. The manipulation of the argument skin_file leads to code injection. This vulnerability was named CVE-2007-6139. The attack can be initiated remotely. Furthermore, there is an exploit available.

10月9日，微软发布了2024年10月份的月度例行安全公告，修复了多款产品存在的117个安全漏洞

2024年10月10日，深瞳漏洞实验室监测到一则GitLab组件存在权限绕过漏洞的信息，漏洞编号：CVE-2024-9164，漏洞威胁等级：严重。

2024年10月10日，深瞳漏洞实验室监测到一则Mozilla-firefox组件存在代码执行漏洞的信息，漏洞编号：CVE-2024-9680，漏洞威胁等级：严重。

豆包MarsCode 合伙人计划正式上线啦！

SIA Lab 旨在通过有效的产学研合作，实现大模型底层技术突破与产业应用构建。

A new tax-themed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. "In this campaign, legitimate repositories such as the open-source tax filing software, UsTaxes, HMRC, and InlandRevenue were

A vulnerability was found in P3mbo Content Injector 1.52 and classified as critical. Affected by this issue is some unknown functionality of the file news.php. The manipulation of the argument cat leads to sql injection. This vulnerability is handled as CVE-2007-6137. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in PHPKIT 1.6.4pl1. This issue affects some unknown processing. The manipulation of the argument contentid leads to sql injection. The identification of this vulnerability is CVE-2007-6134. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Amensa-Soft KB-Bestellsystem 2.3.3. It has been declared as very critical. Affected by this vulnerability is an unknown functionality of the file kb_whois.cgi. The manipulation of the argument tld leads to improper input validation. This vulnerability is known as CVE-2007-6176. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in DevMass Devmass Cart up to 1.0. This vulnerability affects unknown code of the file admin/kfm/initialise.php. The manipulation of the argument kfm_base_path leads to improper input validation. This vulnerability was named CVE-2007-6133. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in AlstraSoft E-Friends 4.98. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument seid leads to sql injection. This vulnerability is known as CVE-2007-6106. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in TalkBack. It has been declared as critical. This vulnerability affects unknown code of the file my-comments-display-tpl.php. The manipulation of the argument language_file leads to code injection. This vulnerability was named CVE-2007-6105. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in TalkBack 2.2.7. Affected is an unknown function of the file comments-display-tpl.php. The manipulation of the argument config[comments_form_tpl] leads to code injection. This vulnerability is traded as CVE-2007-6105. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

10月9日，微软发布了2024年10月份的月度例行安全公告，修复了多款产品存在的117个安全漏洞