Aggregator

A vulnerability, which was classified as problematic, was found in SourceCodester Employee Management System 1.0. Affected is an unknown function of the file /process/assignp.php of the component Project Assignment Report. The manipulation of the argument pname leads to cross site scripting. This vulnerability is traded as CVE-2024-1871. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Complaint Management System 1.0 and classified as critical. This issue affects some unknown processing of the file users/register-complaint.php of the component Lodge Complaint Section. The manipulation leads to unrestricted upload. The identification of this vulnerability is CVE-2024-1875. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /psubmit.php. The manipulation of the argument pid with the input '+or+1%3d1%23 leads to sql injection. This vulnerability is traded as CVE-2024-1876. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /cancel.php. The manipulation of the argument id with the input 1%20or%201=1 leads to sql injection. This vulnerability is known as CVE-2024-1877. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /myprofile.php. The manipulation of the argument id with the input 1%20or%201=1 leads to sql injection. This vulnerability is handled as CVE-2024-1878. The attack may be launched remotely. Furthermore, there is an exploit available.

丘成桐称华裔科学家别无选择只能离开美国

SAP fixed critical SSRF flaw in NetWeaver’s Adobe Document Services

Red Canary's ecosystem of integrations and tech partnerships ensures you have the data, tools, and expertise to keep your organization safe.

防火墙服务配置漏洞波及多家全球财富 100 强公司

Looking Back on 2024 - ASW #310

Inside the incident: Uncovering an advanced phishing attack

New Cleo zero-day RCE flaw exploited in data theft attacks

韩国网络巨头 Naver 创造了自己的发行版，提供十年支持

SaaS 巨头被勒索攻击，泄露 680GB 数据

As part of the commitment to CISA's Secure by Design pledge, Snowflake will begin blocking sign-ins using single-factor authentication next year.

勒索软件袭击了全球领先的心脏手术设备制造商 Artivion

The AI Fix #28: Robot dogs with bombs, and who is David Mayer?

Cybercriminal Gang 'Money Message' Claims Credit, Publishes Stolen Records
A Massachusetts hospital is notifying 316,000 people that their information was compromised in a cyberattack discovered nearly a year ago during Christmas 2023. Cybercriminal group Money Message claimed that it stole 600 gigabytes data, posting patient and employee records on the darkweb.