Aggregator

Advent of Cyber 2024 [ Day 4] Writeup with Answers | TryHackMe Walkthrough

Advent of Cyber 2024 [ Day 5 ] Writeup with Answers | TryHackMe Walkthrough

From File Upload To LFI: A Journey To Exploitation

From File Upload To LFI: A Journey To Exploitation

Mr Hamza Targeted the Website of Royal Household of Spain

Russian Cyber Army Team Targeted the Website of Your City

BANGLADESH BLACK NET Defaced the Website of Raje Dharmrao Arts Commerce College

OpenAI被勒索？ 原系“肯德基”文案病毒传播

Z-Pentest Defaced the Website of IDEAL AUTOS

Никель-водородные аккумуляторы отправляют литий-ионных собратьев в нокаут.

The cyber landscape is evolving rapidly with new opportunities and threats branching off of every new technological breakthrough. From operational resilience to leadership structures, the decisions IT leaders make today

Read More

The post 5 Cyber Risk Predictions That Will Define 2025 appeared first on Axio.

The post 5 Cyber Risk Predictions That Will Define 2025 appeared first on Security Boulevard.

A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/search-medicalcard.php. The manipulation of the argument searchdata leads to cross site scripting. This vulnerability is handled as CVE-2024-48703. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in OroPlatform CMS 5.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument Search leads to cross site scripting. This vulnerability is known as CVE-2024-50677. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Ubiquiti U7-Pro 7.0.35. It has been classified as critical. Affected is an unknown function of the file /etc/shadow. The manipulation leads to use of hard-coded password. This vulnerability is traded as CVE-2024-54749. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in QNAP QTS and QuTS hero and classified as critical. This issue affects some unknown processing. The manipulation leads to improper certificate validation. The identification of this vulnerability is CVE-2024-48865. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

Что общего у органа и «призраков»?

A vulnerability has been found in open-quantum-safe liboqs up to 0.11.x and classified as problematic. This vulnerability affects the function decapsulation. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-54137. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A Threat Actor Has Allegedly Leaked the Data of Ticket Shop Tickety

A vulnerability, which was classified as critical, was found in QNAP QuRouter 2.4.3.103/2.4.4.106. This affects an unknown part. The manipulation leads to sql injection. This vulnerability is uniquely identified as CVE-2024-50389. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in HCL Nomad Server on Domino up to 1.0.13. Affected by this issue is some unknown functionality of the component HTTP Header Handler. The manipulation of the argument Host leads to improper neutralization of http headers for scripting syntax. This vulnerability is handled as CVE-2024-30129. The attack may be launched remotely. There is no exploit available.