#windows

Credit Lite version 1.5.4 suffers from a remote SQL injection vulnerability.

Fara Melk Estate CMS version 1.5.0 suffers from an information leakage vulnerability.

Evsanati Radyo version 1.0 suffers from a remote shell upload vulnerability.

Event Locations CMS version 1.0.1 suffers from a remote shell upload vulnerability.

DoorGets CMS version 7.0 suffers from an information leakage vulnerability.

Emaar Real Estate Agency Directory System version 5.7 suffers from a remote shell upload vulnerability.

By Habiba Rashid Malware-Driven Proxy Servers Exploit Unsuspecting Users. This is a post from HackRead.com Read the original post: New Malware Turns Windows and macOS Devices into Proxy Nodes

A high-severity security flaw has been disclosed in the WinRAR utility that could be potentially exploited by a threat actor to achieve remote code execution on Windows systems. Tracked as CVE-2023-40477 (CVSS score: 7.8), the vulnerability has been described as a case of improper validation while processing recovery volumes. "The issue results from the lack of proper validation of user-supplied

SQL injection vulnerability in berkaygediz O_Blog v.1.0 allows a local attacker to escalate privileges via the secure_file_priv component.

Threat actors are leveraging access to malware-infected Windows and macOS machines to deliver a proxy server application and use them as exit nodes to reroute proxy requests. According to AT&T Alien Labs, the unnamed company that offers the proxy service operates more than 400,000 proxy exit nodes, although it's not immediately clear how many of them were co-opted by malware installed on