Aggregator

Published at 2024-10-27 | Last Update 2024-10-27 本系列分为三篇文章，试图通过简单的实地环境来直观理解 JuiceFS的数

Published at 2024-10-27 | Last Update 2024-10-27 本系列分为三篇文章，试图通过简单的实地环境来直观理解 JuiceFS的数

Bug bounty hunters who spend time in content discovery and reconnaissance, in general, are always re

A vulnerability has been found in SearchBlox up to 7.5 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to information disclosure. This vulnerability is known as CVE-2013-3597. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

前言不更新就是在hwww不是星标不推送文章了。师傅也不想吧~快把极梦C设置成星标吧。信息收集对目标进行系统收集，发现只有一个官网。页面有几个可以跳转的，官网->xxx系统->根据xxx系统title找

The new win11 version of Notepad accepts a few command line options that i have not seen documen

A vulnerability, which was classified as critical, has been found in PowerPhlogger 2.0.9/2.2.1/2.2.2a/2.2.5. Affected by this issue is some unknown functionality of the file edcss.php. The manipulation of the argument css_str leads to sql injection. This vulnerability is handled as CVE-2008-2562. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Powie pSys 0.7.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument shownews leads to sql injection. This vulnerability was named CVE-2008-5269. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Fourtwosevenbb 427BB 2.3.1. Affected is an unknown function of the file showpost.php. The manipulation of the argument post leads to sql injection. This vulnerability is traded as CVE-2008-2560. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as problematic was found in Fourtwosevenbb 427BB 2.3.1. Affected by this vulnerability is an unknown functionality of the file register.php. The manipulation of the argument keywords leads to cross site scripting. This vulnerability is known as CVE-2008-2561. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Simple Shop Galore up to 3.4 on Joomla. It has been rated as critical. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument catid leads to sql injection. This vulnerability is handled as CVE-2008-2568. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in KDE up to 3.0.4. It has been classified as critical. This affects an unknown part of the component rlogin KIO subsystem. The manipulation leads to memory corruption. This vulnerability is uniquely identified as CVE-2002-1281. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

Скрытые процессы «разрыва шейки» показали неслучайный характер.

A vulnerability was found in Tenda AC1206 up to 20241027. It has been classified as critical. This affects the function ate_Tenda_mfg_check_usb/ate_Tenda_mfg_check_usb3 of the file /goform/ate. The manipulation of the argument arg leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2024-10434. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #431291 / VDB-281985

A vulnerability was found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument Name/Comment leads to cross site scripting. This vulnerability is handled as CVE-2024-10433. The attack may be launched remotely. Furthermore, there is an exploit available. The initial researcher advisory mentions different parameters to be affected which do not correlate with the screenshots of a successful attack.

A vulnerability has been found in Project Worlds Simple Web-Based Chat Application 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument username leads to sql injection. This vulnerability is known as CVE-2024-10432. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Codezips Pet Shop Management System 1.0. Affected is an unknown function of the file /deletebird.php. The manipulation of the argument t1 leads to sql injection. This vulnerability is traded as CVE-2024-10431. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Codezips Pet Shop Management System 1.0. This issue affects some unknown processing of the file /animalsupdate.php. The manipulation of the argument id leads to sql injection. The identification of this vulnerability is CVE-2024-10430. The attack may be initiated remotely. Furthermore, there is an exploit available.

Submit #432236 / VDB-281984