Tag
#web
C-MOR Video Surveillance versions 5.2401 and 6.00PL01 suffer from a cross site request forgery vulnerability.
C-MOR Video Surveillance versions 5.2401 and 6.00PL01 suffer from a persistent cross site scripting vulnerability.
C-MOR Video Surveillance version 5.2401 suffers from a reflective cross site scripting vulnerability.
Travel version 1.0 suffers from a remote shell upload vulnerability.
Webpay E-Commerce version 1.0 suffers from an ignored default credential vulnerability.
Online Sports Complex Booking System version 1.0 suffers from an ignored default credential vulnerability.
Online Pizza Ordering System version 1.0 suffers from an ignored default credential vulnerability.
File Management System version 1.0 suffers from an insecure direct object reference vulnerability.
A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote code execution bug (CVE-2024-36401, CVSS score: 9.8) that could allow malicious actors to take over susceptible instances. In
Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped software and packages. These attacks typically involve registering domains or packages with names slightly altered from their legitimate counterparts (e.g., goog1e.com vs. google.com). Adversaries targeting open-source repositories across