Aggregator

网络面板介绍 网络面板 (NetworkPanel) 是一个在线流量消耗器，可以测试你的网速，监测你的网络环境，提供丰富测试节点，并且长期维护更新，支持国内外多运营商测速节点，提供测速图表等等数...

Инцидент показал слабые места в защите активов США.

A vulnerability was found in Oracle Enterprise Data Quality 11.1.1.9.0. It has been rated as very critical. This issue affects some unknown processing of the component General. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2016-1000031. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

豆包MarsCode AI 红人共创计划启动，参与活动拿 5w元现金激励！启动仪式直播间还有多重好礼等你拿！

A vulnerability classified as critical was found in Poll Maker Plugin up to 5.4.6 on WordPress. This vulnerability affects unknown code. The manipulation of the argument Order_by leads to sql injection. This vulnerability was named CVE-2024-9475. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Best House Rental Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the component Login. The manipulation of the argument username leads to sql injection. The identification of this vulnerability is CVE-2024-48579. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as critical was found in Best Courier Management System 1.0. Affected by this vulnerability is an unknown functionality of the component Login. The manipulation of the argument email leads to sql injection. This vulnerability is known as CVE-2024-48580. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in HocWP Extensions Plugin up to 0.2.3.2 on WordPress. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper authentication. This vulnerability is known as CVE-2024-9930. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Sovrn Editorial Assistant Plugin up to 1.3.3 on WordPress. Affected is an unknown function of the component Attachment Upload Handler. The manipulation leads to missing authorization. This vulnerability is traded as CVE-2024-9626. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability has been found in User Toolkit Plugin up to 1.2.3 on WordPress and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper authentication. This vulnerability is known as CVE-2024-9890. The attack can be launched remotely. There is no exploit available.

勒索软件攻击残疾人非营利组织，UnitedHealth被盗1亿个数据……

银狐家族主要目标是窃取个人和财务信息，这些数据可能被用于网络诈骗和身份盗窃等非法活动。此次发现的银狐家族在公开的银狐家族中属于比较突出的存在，其还包含利用受害者设备进行挖矿获利。天擎客户无需太担心，目前天擎已支持对该家族的全面查杀和拦截。

前 言有很长一段时间没推更了,原因挺多，一是不想分享一些肤浅的测试、二是在做项目上的事情,保密性没法做分享。今天给师傅们带来一些好用的JS手法测试1.问题主要还是在内网,一些大厂系统在做运维喜欢把Js

A vulnerability classified as problematic has been found in Open-Xchange Server 6.20.7/6.22.0/6.22.1. This affects an unknown part. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2013-1645. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Poco-z Guns-Medical 1.0. It has been declared as problematic. Affected by this vulnerability is the function upload of the file /mgr/upload of the component File Upload. The manipulation of the argument picture leads to cross site scripting. This vulnerability is known as CVE-2024-10412. The attack can be launched remotely. There is no exploit available.

Submit #427005 / VDB-281941

A vulnerability was found in SourceCodester Online Hotel Reservation System 1.0. It has been classified as critical. Affected is the function doCancelRoom/doCancel/doConfirm/doCancel/doCheckin/doCheckout of the file /marimar/admin/mod_room/controller.php. The manipulation of the argument id leads to sql injection. This vulnerability is traded as CVE-2024-10411. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Submit #431586 / VDB-281940

A vulnerability was found in code-projects Blood Bank Management 1.0 and classified as critical. This issue affects some unknown processing of the file /file/accept.php. The manipulation of the argument reqid leads to sql injection. The identification of this vulnerability is CVE-2024-10409. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in code-projects Blood Bank Management up to 1.0 and classified as critical. This vulnerability affects unknown code of the file /abs.php. The manipulation of the argument search leads to sql injection. This vulnerability was named CVE-2024-10408. The attack can be initiated remotely. Furthermore, there is an exploit available.