Tag
#php
Accounting Journal Management System version 1.0 suffers from a code injection vulnerability.
ABIC Cardiology Management System version 1.0 suffers from a cross site request forgery vulnerability.
Hospital Management System version 1.0 suffers from a code injection vulnerability.
Event Registration and Attendance System version 1.0 suffers from a code injection vulnerability.
A previously undocumented backdoor named Msupedge has been put to use against a cyber attack targeting an unnamed university in Taiwan. "The most notable feature of this backdoor is that it communicates with a command-and-control (C&C) server via DNS traffic," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News. The origins of the backdoor are
The Ewon Cosy+ is a VPN gateway used for remote access and maintenance in industrial environments. The credentials used for the basic authentication against the web interface of Cosy+ are stored in the cookie "credentials" after a successful login. An attacker with access to a victim's browser is able to retrieve the administrative password of Cosy+.
Lawyer CMS version 1.6 suffers from an ignored default credential vulnerability.
JobSeeker CMS version 1.5 suffers from an ignored default credential vulnerability.
Jobs Finder System version 1.0 suffers from a remote SQL injection vulnerability.
Human Resource Management System 2024 version 1.0 suffers from an ignored default credential vulnerability.