Aggregator

52某特订单系统SQL注入52.1 漏洞概述某特网上订单管理系统getUser**.ashx存在SQL注入漏洞 GET /ajax/getUser**.ashx?locadCode=admin%27/

A vulnerability was found in OpenSSL up to 0.9.8u/1.0.0h. It has been declared as critical. This vulnerability affects the function mime_param_cmp of the file crypto/asn1/asn_mime.c. The manipulation leads to improper resource management. This vulnerability was named CVE-2012-1165. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in webglimpse up to 2.17.1. It has been declared as critical. This vulnerability affects unknown code of the file webglimpse.cgi. The manipulation of the argument query leads to os command injection. This vulnerability was named CVE-2012-1795. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Opera Web Browser up to 7.19 and classified as very critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper resource management. This vulnerability is known as CVE-2008-1762. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Vulnerabilities can often be found in places we don’t expect, and CVE-2022-24547 in CastSrv.exe is

Tse-Hsun (Peter) ChenLeader of the Software PErformance, Analysis, and Reliability (SPEAR) lab at Co

CVE-2024-30085 is a heap-based buffer overflow vulnerability affecting the Windows Cloud Files Mini

2024 has been a tumultuous year in cybersecurity with numerous significant data breaches compromisin

报告时间：2024年12月26日（周四）上午10:00

守护智慧医疗安全底线!

01IoMT背景介绍医疗物联网（IoMT：Internet of Medical Things）是物联网在医疗行业的重要应用。随着医疗行业大力推进数字化和智能化转型，IoMT技术已经成为提升医疗服务效

This daily article is intended to make it easier for those who want to stay updated with my regular Dark Web Informer and X/Twitter posts.

A vulnerability, which was classified as critical, has been found in webuidesigning NebulaX Theme up to 5.0 on WordPress. This issue affects the function nebula_send_to_hubspot of the file libs/Legacy/Legacy.php. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2018-25106. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A Threat Actor Claims to be Selling the Data of Cashory

A vulnerability classified as critical was found in Desiderata Software Blazix 1.2/1.2.1. This vulnerability affects unknown code of the component HTTP Request Handler. The manipulation leads to information disclosure (Source). This vulnerability was named CVE-2002-1451. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Mozilla Firefox up to 23.0.1. It has been declared as problematic. This vulnerability affects unknown code of the component file:/ Handler. The manipulation leads to cross site scripting. This vulnerability was named CVE-2013-1727. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.