#firefox

CVE-2023-29848: Bang Resto 1.0 Cross Site Scripting ≈ Packet Storm

Bang Resto 1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the itemName parameter in the admin/menu.php Add New Menu function.

2 years ago

CVE

Open in Source

#xss #vulnerability #web #windows #apache #js #git #php #auth #firefox

CVE-2023-2245: hansuncmswebshell/README.md at main · MorStardust/hansuncmswebshell

A vulnerability was found in hansunCMS 1.4.3. It has been declared as critical. This vulnerability affects unknown code of the file /ueditor/net/controller.ashx?action=catchimage. The manipulation leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-227230 is the identifier assigned to this vulnerability.

2 years ago

CVE

Open in Source

#vulnerability #web #windows #auth #firefox #asp.net

Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach

Lazarus, the prolific North Korean hacking group behind the cascading supply chain attack targeting 3CX, also breached two critical infrastructure organizations in the power and energy sector and two other businesses involved in financial trading using the trojanized X_TRADER application. The new findings, which come courtesy of Symantec's Threat Hunter Team, confirm earlier suspicions that the

2 years ago

The Hacker News

Open in Source

#web #mac #windows #apple #google #linux #backdoor #zero_day #chrome #firefox #The Hacker News

FortiGate Brute Forcer

This python script is a slow brute forcing utility to check passwords against FortiGate appliances. Check the homepage link for more information on how this was used to slowly bypass brute force protections.

2 years ago

Packet Storm

Open in Source

#windows #ubuntu #firefox

N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX

The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company, demonstrating a new level of sophistication with North Korean threat actors. Google-owned Mandiant, which is tracking the attack event under the moniker UNC4736, said the incident marks the first time it has seen a "software supply chain attack lead to another software

2 years ago

The Hacker News

Open in Source

#web #mac #windows #apple #google #git #intel #c++#backdoor #auth #zero_day #chrome #firefox #The Hacker News

CVE-2023-2202: Security Fix browser loading cached page when page full reload (F5) +… · francoisjacquet/rosariosis@6433946

Improper Access Control in GitHub repository francoisjacquet/rosariosis prior to 10.9.3.

2 years ago

CVE

Open in Source

#web #ios #git #java #php #firefox

3CX Supply Chain Attack Tied to Financial Trading App Breach

Mandiant found that North Korea's UNC4736 gained initial access on 3CX's network when an employee downloaded a weaponized but legitimately-signed app from Trading Technologies.

2 years ago

DARKReading

Open in Source

#web #mac #windows #google #linux #git #backdoor #chrome #firefox

CVE-2023-30076: cve_report/SQLi-2.md at main · Dzero57/cve_report

Sourcecodester Judging Management System v1.0 is vulnerable to SQL Injection via /php-jms/print_judges.php?print_judges.php=&se_name=&sub_event_id=.

2 years ago

CVE

Open in Source

#sql #vulnerability #windows #php #firefox

CVE-2023-27777: GitHub - lohyt/Privilege-escalation-in-online-jewelry-website: Vertical Privilege Escalation vulnerability found in Online Jewellery Store from Sourcecodester website.

Cross-site scripting (XSS) vulnerability was discovered in Online Jewelry Shop v1.0 that allows attackers to execute arbitrary script via a crafted URL.

2 years ago

CVE

Open in Source

#sql #xss #vulnerability #web #git #php #chrome #firefox

CVE-2023-29854: Vulnerabilitys/DirCMS_V6.0.0_XSS_vulnerability.md at main · secflag/Vulnerabilitys

DirCMS 6.0.0 has a Cross Site Scripting (XSS) vulnerability in the foreground.

2 years ago

CVE

Open in Source

#sql #xss #vulnerability #web #ios #windows #git #php #firefox

Tag

#firefox