Aggregator

A vulnerability, which was classified as critical, has been found in Cambridge Computer vxFtpSrv 2.0.3. Affected by this issue is some unknown functionality. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2008-4452. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Ezonescripts Link Trader Script. This affects an unknown part of the file ratelink.php. The manipulation of the argument lnkid leads to sql injection. This vulnerability is uniquely identified as CVE-2008-6102. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Brickhost phpScheduleIt up to 1.2.10 and classified as critical. Affected by this vulnerability is the function eval of the file reserve.php. The manipulation of the argument start_date leads to code injection. This vulnerability is known as CVE-2008-6132. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in ESET System Analyzer Tool 1.1.1.0. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper access controls. This vulnerability is known as CVE-2008-4451. Attacking locally is a requirement. Furthermore, there is an exploit available.

A vulnerability was found in phpscripts Ranking-script. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation of the argument admin=ja leads to improper authentication. This vulnerability is handled as CVE-2008-6092. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in RPortal 1.1. Affected is an unknown function of the file index.php. The manipulation of the argument file_op leads to code injection. This vulnerability is traded as CVE-2008-6099. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Crux Software Gallery up to 1.32. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument theme leads to path traversal. This vulnerability is handled as CVE-2008-4483. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in BMForum 5.6. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file plugins.php. The manipulation of the argument tagname leads to sql injection. This vulnerability is known as CVE-2008-6091. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Noname CMS 1.0. This affects an unknown part of the file index.php. The manipulation of the argument kategorie leads to sql injection. This vulnerability is uniquely identified as CVE-2008-6093. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in BerliOS Discussion Forum 2k 3.3. Affected by this vulnerability is an unknown functionality of the file RSS1.php. The manipulation of the argument SubID leads to sql injection. This vulnerability is known as CVE-2008-6100. The attack can be launched remotely. Furthermore, there is an exploit available.

A Threat Claims to Have Admin Access to the Joomla Portal of Hospital Salazar de Villeta

Interpol announced it arrested 41 individuals and taken down 1,037 servers and infrastructure running on 22,000 IP addresses facilitating cybercrime in an international law enforcement action titled Operation Synergia II. [...]

NoName Targeted Multiple Websites in South Korea

A vulnerability, which was classified as critical, was found in PTZOptics PT30X-SDI and PT30X-NDI up to 6.3.39. This affects an unknown part of the file /cgi-bin/param.cgi of the component Authorization Header Handler. The manipulation leads to improper authentication. This vulnerability is uniquely identified as CVE-2024-8956. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Contract Lifecycle Management for Public Sector up to 12.2.13. It has been classified as critical. Affected is an unknown function of the component Award Processes. The manipulation leads to improper authorization. This vulnerability is traded as CVE-2024-21278. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Sourcing up to 12.2.13. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Auctions. The manipulation leads to improper authorization. This vulnerability is known as CVE-2024-21279. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Oracle Financials up to 12.2.13. This affects an unknown part of the component Common Component. The manipulation leads to improper authorization. This vulnerability is uniquely identified as CVE-2024-21282. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in PTZOptics PT30X-SDI and PT30X-NDI up to 6.3.39 and classified as critical. This vulnerability affects unknown code. The manipulation of the argument ntp_addr leads to os command injection. This vulnerability was named CVE-2024-8957. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in OpenSSL up to 3.0.7. Affected is an unknown function of the component PKCS7 Data Verification. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2023-0401. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.