Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

eClass IP 2.5 SQL Injection

eClass IP version 2.5 suffers from a remote SQL injection vulnerability.

Packet Storm
Open in Source
#sql#xss#csrf#vulnerability#web#ios#mac#windows#apple#google#ubuntu#linux#debian#cisco#java#php#perl#auth#ruby#firefox
Chicv Management System Login 4.5.6 Insecure Direct Object Reference

Chicv Management System Login version 4.5.6 suffers from an insecure direct object reference vulnerability.

Aicte India LMS 3.0 Cross Site Scripting

Aicte India LMS version 3.0 suffers from a cross site scripting vulnerability.

Cybercriminals Using EvilProxy Phishing Kit to Target Senior Executives in U.S. Firms

Senior executives working in U.S.-based organizations are being targeted by a new phishing campaign that leverages a popular adversary-in-the-middle (AiTM) phishing toolkit named EvilProxy to conduct credential harvesting and account takeover attacks. Menlo Security said the activity started in July 2023, primarily singling out banking and financial services, insurance, property management and

CVE-2023-45247

Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 36497.

Formbook Takes the Throne as Most Prevalent Malware

By Waqas September 2023’s Most Wanted Malware: Remcos Wreaks Havoc in Colombia and Formbook Takes Top Spot after Qbot Shutdown, reveals Check Point. This is a post from HackRead.com Read the original post: Formbook Takes the Throne as Most Prevalent Malware

CVE-2023-44993: WordPress AI ChatBot plugin <= 4.7.8 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud AI ChatBot plugin <= 4.7.8 versions.

CVE-2023-44473: WordPress Table of Contents Plus plugin <= 2302 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus plugin <= 2302 versions.

CVE-2023-44240: WordPress Timthumb Vulnerability Scanner plugin <= 1.54 - Cross Site Request Forgery (CSRF) vulnerability - Patchstack

Cross-Site Request Forgery (CSRF) vulnerability in Peter Butler Timthumb Vulnerability Scanner plugin <= 1.54 versions.

RHSA-2023:5528: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-40217: Python 3 ssl.SSLSocket is vulnerable to a bypass of the TLS handshake in certain instances for HTTPS servers and other server-side protocols that use TLS client authentication such as mTLS....