Tag
#auth
JobSeeker CMS version 1.5 suffers from an ignored default credential vulnerability.
Jobs Finder System version 1.0 suffers from a remote SQL injection vulnerability.
Human Resource Management System 2024 version 1.0 suffers from an ignored default credential vulnerability.
Hotel Management System version 1.0 suffers from a cross site request forgery vulnerability.
Bhojon Restaurant Management System version 3.0 suffers from an ignored default credential vulnerability.
Accounting Journal Management System version 1.0 suffers from a cross site request forgery vulnerability.
An adversary could exploit these vulnerabilities by injecting malicious libraries into Microsoft's applications to gain their entitlements and user-granted permissions.
The US Defense Department’s grand strategy for protecting Taiwan from a massive Chinese military offensive involves flooding the zone with thousands of drones.
A newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with North Korea. The security vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), has been described as a privilege escalation bug in the Windows Ancillary Function Driver (AFD.sys) for WinSock. "An attacker who successfully exploited this
A vulnerability in corydolphin/flask-cors version 4.0.1 allows the `Access-Control-Allow-Private-Network` CORS header to be set to true by default, without any configuration option. This behavior can expose private network resources to unauthorized external access, leading to significant security risks such as data breaches, unauthorized access to sensitive information, and potential network intrusions.