
Tag

#windows

PHPJabbers Cinema Booking System 1.0 Missing Rate Limiting

PHPJabbers Cinema Booking System version 1.0 suffers from a missing rate limiting vulnerability.

Packet Storm

PHPJabbers Cinema Booking System 1.0 CSV Injection

PHPJabbers Cinema Booking System version 1.0 suffers from a CSV injection vulnerability.

PHPJabbers Meeting Room Booking System 1.0 Missing Rate Limiting

PHPJabbers Meeting Room Booking System version 1.0 suffers from a missing rate limiting vulnerability.

PHPJabbers Cleaning Business Software 1.0 CSV Injection

PHPJabbers Cleaning Business Software version 1.0 suffers from a CSV injection vulnerability.

PHPJabbers Cinema Booking System 1.0 Cross Site Scripting

PHPJabbers Cinema Booking System version 1.0 suffers from reflective and persistent cross site scripting vulnerabilities.

PHPJabbers Cleaning Business Software 1.0 Cross Site Scripting

PHPJabbers Cleaning Business Software version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

PHPJabbers Cleaning Business Software 1.0 Missing Rate Limiting

PHPJabbers Cleaning Business Software version 1.0 suffers from multiple missing rate limiting vulnerabilities.

PHPJabbers Shared Asset Booking System 1.0 Cross Site Scripting

PHPJabbers Shared Asset Booking System version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

Cybersecurity researchers have developed proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 (CVSS score: 9.8), a bypass for another severe shortcoming in the same software (

Siemens SIMATIC

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).

1. EXECUTIVE SUMMARY

CVSS v3 10.0
ATTENTION: Exploitable remotely/low attack complexity
Vendor: Siemens
Equipment: SIMATIC
Vulnerability: Improper Input Validation

2. RISK EVALUATION

Successful exploitation of this vulnerability could allow an attacker to obtain remote unauthorized access.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following Siemens products with maxView Storage Manager on Windows are affected:

SIMATIC IPC647E: All versions prior to V4.14.00.26068
SIMATIC IPC847E: All versions prior to V4.14.00.26068
SIMATIC IPC1047E: All versions prior to V4.14.00.26068

3.2 Vulnerability Overview

3.2.1 IMPROPER INPUT VALIDATION CWE-20

In default installations...