Tag
#auth
E-commerce Growisei CMS version 2.0 appears to leave default credentials installed after installation.
DBCInfoTech CMS version 2.0 suffers from an unauthenticated administrator reinstall vulnerability.
Education Time Indonesian School CRM version 1.7 suffers from a cross site scripting vulnerability.
Eden CMS version 1.02 suffers from a cross site scripting vulnerability.
Ecommerce Responsive version 1.2 suffers from an insecure direct object reference vulnerability.
E-Biz CMS version 2.0 suffers from a cross site request forgery vulnerability.
EasyPX CMS version 06.02.04 suffers from a cross site scripting vulnerability.
A new remote access trojan (RAT) called QwixxRAT is being advertised for sale by its threat actor through Telegram and Discord platforms. "Once installed on the victim's Windows platform machines, the RAT stealthily collects sensitive data, which is then sent to the attacker's Telegram bot, providing them with unauthorized access to the victim's sensitive information," Uptycs said in a new
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in iControlWP Article Directory Redux plugin <= 1.0.2 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt plugin <= 1.8.5 versions.