#web

Gentoo Linux Security Advisory 202409-26

Gentoo Linux Security Advisory 202409-26 - Multiple vulnerabilities have been found in IcedTea, the worst of which could result in arbitrary code execution. Versions less than or equal to 3.21.0 are affected.

4 months ago

Packet Storm

Open in Source

#vulnerability #web #mac #linux #java

Student Management System 1.0 Insecure Cookie Handling

Student Management System version 1.0 suffers from an insecure cookie handling vulnerability.

4 months ago

Packet Storm

Open in Source

#sql #xss #csrf #vulnerability #web #ios #mac #windows #apple #google #ubuntu #linux #debian #cisco #java #php #perl #auth #ruby #firefox

Sistem Penyewaan Baju atau Pakaian Berbasis Web 1.0 SQL Injection

Sistem Penyewaan Baju atau Pakaian Berbasis Web version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

4 months ago

Packet Storm

Open in Source

#sql #vulnerability #web #windows #google #php #auth #firefox

Simple Student Quarterly Result / Grade System 1.0 Insecure Settings

Simple Student Quarterly Result / Grade System version 1.0 suffers from an ignored default credential vulnerability.

4 months ago

Packet Storm

Open in Source

#sql #vulnerability #web #windows #google #php #auth #firefox

Simple Responsive Tourism Website 1.0 Cross Site Request Forgery

Simple Responsive Tourism Website version 1.0 suffers from a cross site request forgery vulnerability.

4 months ago

Packet Storm

Open in Source

#csrf #vulnerability #web #windows #google #java #php #auth #firefox

Sample Blog Site 1.0 Cross Site Scripting / Remote File Inclusion

Sample Blog Site version 1.0 suffers from cross site scripting and remote file inclusion vulnerabilities.

4 months ago

Packet Storm

Open in Source

#xss #vulnerability #web #windows #google #php #auth #firefox

THN Cybersecurity Recap: Last Week's Top Threats and Trends (September 23-29)

Hold onto your hats, folks, because the cybersecurity world is anything but quiet! Last week, we dodged a bullet when we discovered vulnerabilities in CUPS that could've opened the door to remote attacks. Google's switch to Rust is paying off big time, slashing memory-related vulnerabilities in Android. But it wasn't all good news – Kaspersky's forced exit from the US market left users with more

4 months ago

The Hacker News

Open in Source

#vulnerability #web #android #mac #google #microsoft #linux #red_hat #git #intel #aws #auth #The Hacker News

Facial DNA provider leaks biometric data via WordPress folder

ChiceDNA exposed 8,000 sensitive records, including biometric images, personal details, and facial DNA data in an unsecured WordPress…

4 months ago

HackRead

Open in Source

#web #git #wordpress #auth

Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks

Critical security vulnerabilities have been disclosed in six different Automatic Tank Gauge (ATG) systems from five manufacturers that could expose them to remote attacks. "These vulnerabilities pose significant real-world risks, as they could be exploited by malicious actors to cause widespread damage, including physical damage, environmental hazards, and economic losses," Bitsight researcher

4 months ago

The Hacker News

Open in Source

#sql #xss #vulnerability #web #cisco #dos #intel #rce #samba #buffer_overflow #hard_coded_credentials #auth #The Hacker News

Session Hijacking 2.0 — The Latest Way That Attackers are Bypassing MFA

Attackers are increasingly turning to session hijacking to get around widespread MFA adoption. The data supports this, as: 147,000 token replay attacks were detected by Microsoft in 2023, a 111% increase year-over-year (Microsoft). Attacks on session cookies now happen in the same order of magnitude as password-based attacks (Google). But session hijacking isn’t a new technique – so

4 months ago

The Hacker News

Open in Source

#xss #vulnerability #web #google #microsoft #git #java #auth #The Hacker News

Tag

#web