Aggregator

A vulnerability was found in I-Tech Trainsmart r1044 and classified as critical. This issue affects some unknown processing of the file evaluation/assign-evaluation. The manipulation of the argument id leads to sql injection. The identification of this vulnerability is CVE-2021-36520. The attack can only be done within the local network. Furthermore, there is an exploit available.

A new malware variant called Nunu Stealer is making headlines after being advertised on underground hacker forums and Telegram channels. Priced at $100 per month, this malicious tool is gaining attention for its extensive capabilities and potential to wreak havoc on individuals and organizations alike. According to a post shared by a ThreatMon on X, the malware […]

The post Threat Actors Selling Nunu Stealer On Hacker Forums appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability was found in Microsoft Internet Explorer up to 6.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality in the library wininet.dll. The manipulation of the argument content-type leads to denial of service. This vulnerability is known as CVE-2006-5162. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Lappy512 PHP Krazy Image Host Script 0.7a. It has been rated as critical. Affected by this issue is some unknown functionality of the file display.php. The manipulation of the argument id leads to sql injection. This vulnerability is handled as CVE-2006-5140. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in VAMP Webmail up to 2.0beta1 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument no_url leads to file inclusion. This vulnerability is known as CVE-2006-5147. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Forum82 2.5.2b and classified as critical. Affected by this issue is some unknown functionality in the library forum82lib.php3. The manipulation of the argument repertorylevel leads to file inclusion. This vulnerability is handled as CVE-2006-5148. The attack may be launched remotely. Furthermore, there is an exploit available.

Apache Struts 的文件上传逻辑存在缺陷，如果应用程序使用了 FileUploadInterceptor，在进行文件上传时，攻击者可以操纵文件上传参数来启用路径遍历，在某些情况下，这可能导致上传可用于执行远程代码执行的恶意文件。

Apache Struts 的文件上传逻辑存在缺陷，如果应用程序使用了 FileUploadInterceptor，在进行文件上传时，攻击者可以操纵文件上传参数来启用路径遍历，在某些情况下，这可能导致上传可用于执行远程代码执行的恶意文件。

Apache Struts 的文件上传逻辑存在缺陷，如果应用程序使用了 FileUploadInterceptor，在进行文件上传时，攻击者可以操纵文件上传参数来启用路径遍历，在某些情况下，这可能导致上传可用于执行远程代码执行的恶意文件。

Apache Struts 的文件上传逻辑存在缺陷，如果应用程序使用了 FileUploadInterceptor，在进行文件上传时，攻击者可以操纵文件上传参数来启用路径遍历，在某些情况下，这可能导致上传可用于执行远程代码执行的恶意文件。

Apache Struts 的文件上传逻辑存在缺陷，如果应用程序使用了 FileUploadInterceptor，在进行文件上传时，攻击者可以操纵文件上传参数来启用路径遍历，在某些情况下，这可能导致上传可用于执行远程代码执行的恶意文件。

Apache Struts 的文件上传逻辑存在缺陷，如果应用程序使用了 FileUploadInterceptor，在进行文件上传时，攻击者可以操纵文件上传参数来启用路径遍历，在某些情况下，这可能导致上传可用于执行远程代码执行的恶意文件。

Apache Struts 的文件上传逻辑存在缺陷，如果应用程序使用了 FileUploadInterceptor，在进行文件上传时，攻击者可以操纵文件上传参数来启用路径遍历，在某些情况下，这可能导致上传可用于执行远程代码执行的恶意文件。

1. 前言官方公告:   https://cwiki.apache.org/confluence/display/WW/S2-067漏洞描述：Apache Struts 的文件上传逻辑存在缺陷，如果应

中国电视机制造商 TCL 在高端电视市场连续两个季度超过了韩国三星。根据市场研究公司 Omdia 周四公布的数据，在 80 英寸及以上的电视机市场，TCL 三季度份额为 23%，三星从去年同期的 26% 降至 19%，海信紧随其后，仅仅比三星低 1.65%，LG 去年排名第三，今年被海信超越。中国品牌电视机不再被视为廉价品，在 LCD 电视领域，中国和韩国产品的技术差距微乎其微，在部分领域还具有优势，比如推出 100 英寸电视机，为产品配备 AI 功能。上月的黑五促销期间，海信 100 英寸的电视机仅售价 1,599 美元，TCL 98 英寸的 mini-LED 电视售价为 2,900 美元，相比下三星 98 英寸 mini-LED 电视售价为 8,997 美元，巨大的价格差让消费者日益青睐中国品牌。业内人士认为，韩国在电视硬件上难以与中国品牌竞争，由于中国政府的补贴以及低制造成本，韩国公司无法像中国公司那样降低价格。

The FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging users isolate these devices from networks

​The Alliance for Creativity and Entertainment (ACE) has taken down one of the world's large

«Инфосистемы Джет» опубликовала аналитический отчет о киберугрозах, выявленных в 2024 году.