Aggregator

CVE-2019-11358 | Oracle Banking Platform up to 2.7.1 jQuery cross site scripting (EDB-52141 / Nessus ID 208606)

7 months 4 weeks ago

A vulnerability classified as critical has been found in Oracle Banking Platform up to 2.7.1. Affected is an unknown function of the component jQuery. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2019-11358. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

vuldb.com

Chrome扩展攻击指南（二）：漏洞分析

明天的乌云

7 months 4 weeks ago

结合漏洞案例，分析各组件的攻击面，最终绘制完整的攻击链路图

透明人

CVE-2005-3870 | edmobbs 0.9 edmobbs9r.php sql injection (EDB-26625 / BID-15589)

Vuldb Updates

7 months 4 weeks ago

A vulnerability was found in edmobbs 0.9. It has been rated as critical. This issue affects some unknown processing of the file edmobbs9r.php. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2005-3870. The attack may be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

【资料】伊朗最新消息特别报道-2025年6月21日（阅读时请注意分辨内容里的双标）

丁爸情报分析师的工具箱

7 months 4 weeks ago

伊朗最新消息特别报道-2025年6月21日（阅读时请注意分辨内容里的双标）

【资料】全球特定国家每日动态2025.6.22（新增马来西亚等东南亚国家）

丁爸情报分析师的工具箱

7 months 4 weeks ago

目前每日动态包含：马来西亚、越南、印度尼西亚、泰国、缅甸、菲律宾、日本、印度、巴基斯坦、阿富汗、土耳其、阿塞拜疆、叙利亚、沙特阿拉伯、伊朗、乌兹别克斯坦、土库曼斯坦、塔吉克斯坦、吉尔吉斯斯坦、哈萨克斯坦、尼日利亚等21国。

CVE-2009-4784 | Joaktree Com Joaktree 1.0 index.php treeId sql injection (EDB-10272 / BID-37178)

Vuldb Updates

7 months 4 weeks ago

A vulnerability classified as critical was found in Joaktree Com Joaktree 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument treeId leads to sql injection. This vulnerability was named CVE-2009-4784. The attack can be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

安全分析与研究公众号文章精选

安全分析与研究

7 months 4 weeks ago

安全分析与研究文章精选

CVE-2017-18016 | Parity Browser up to 1.6.10 Web Proxy Engine Request 7pk security (EDB-43499)

Vuldb Updates

7 months 4 weeks ago

A vulnerability classified as problematic was found in Parity Browser up to 1.6.10. This vulnerability affects unknown code of the component Web Proxy Engine. The manipulation as part of Request leads to 7pk security features. This vulnerability was named CVE-2017-18016. The attack can be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2025-4322: одна строка кода заставила тысячи сайтов сдаться хакерам без сопротивления

Securitylab.ru

7 months 4 weeks ago

Сначала сброс пароля. Потом новый админ. Потом — ты полностью теряешь контроль.

CVE-2017-3558 | Oracle VM VirtualBox up to 5.0.37/5.1.19 access control (EDB-41904 / Nessus ID 99509)

Vuldb Updates

7 months 4 weeks ago

A vulnerability has been found in Oracle VM VirtualBox up to 5.0.37/5.1.19 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. This vulnerability is known as CVE-2017-3558. Attacking locally is a requirement. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2012-5229 | WordPress Slideshow Gallery2 border cross site scripting (EDB-36631 / XFDB-72748)

Vuldb Updates

7 months 4 weeks ago

A vulnerability was found in WordPress Slideshow Gallery2. It has been classified as problematic. This affects an unknown part. The manipulation of the argument border leads to cross site scripting. This vulnerability is uniquely identified as CVE-2012-5229. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2005-3980 | Edgewall Software Trac up to 0.50.9 group sql injection (EDB-26693 / Nessus ID 20252)

Vuldb Updates

7 months 4 weeks ago

A vulnerability was found in Edgewall Software Trac up to 0.50.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument group leads to sql injection. This vulnerability is known as CVE-2005-3980. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2025-6468 | code-projects Online Bidding System 1.0 /bidnow.php ID sql injection (EUVD-2025-18838)

Vuldb Updates

7 months 4 weeks ago

A vulnerability was found in code-projects Online Bidding System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /bidnow.php. The manipulation of the argument ID leads to sql injection. This vulnerability was named CVE-2025-6468. The attack can be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

AWS Raises Expertise Bar for MSSP Partners

Security Boulevard

7 months 4 weeks ago

Amazon Web Services (AWS) this week revealed it has added new categories for describing offerings provided by partners offering managed services security providers (MSSP) as part of an effort to ensure a more consistent customer experience.

The post AWS Raises Expertise Bar for MSSP Partners appeared first on Security Boulevard.

Michael Vizard

Will AI Replace You — or Promote You? How to Stay Ahead

Security Boulevard

7 months 4 weeks ago

What can public- and private-sector staff do to stay relevant and grow their career in the midst of AI-driven tech layoffs? Here’s a roundup of recent stories and solutions to help.

The post Will AI Replace You — or Promote You? How to Stay Ahead appeared first on Security Boulevard.

Lohrmann on Cybersecurity

CVE-2012-2579 | WP SimpleMail 1.0.6 cross site scripting (EDB-20361 / XFDB-77538)

Vuldb Updates

7 months 4 weeks ago

A vulnerability was found in WP SimpleMail 1.0.6. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2012-2579. The attack may be launched remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2009-3443 | Fastballproductions Com Fastball up to 1.2 index.php league sql injection (EDB-9822 / SA36878)

Vuldb Updates

7 months 4 weeks ago

A vulnerability was found in Fastballproductions Com Fastball up to 1.2. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument league leads to sql injection. This vulnerability is traded as CVE-2009-3443. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2004-1821 | Warpspeed 4nalbum 0.92 modules.php gid sql injection (EDB-23816 / XFDB-15498)

Vuldb Updates

7 months 4 weeks ago

A vulnerability was found in Warpspeed 4nalbum 0.92. It has been rated as critical. Affected by this issue is some unknown functionality of the file modules.php. The manipulation of the argument gid leads to sql injection. This vulnerability is handled as CVE-2004-1821. The attack may be launched remotely. Furthermore, there is an exploit available.

vuldb.com

软件工程顶会——ICSE 2025 论文清单与摘要（下）

漏洞战争

7 months 4 weeks ago

软件工程顶会——ICSE 2025 论文清单与摘要（中）

漏洞战争

7 months 4 weeks ago

Aggregator

Managed ad