Aggregator

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

雷神众测拥有该文章的修改和解释权。如欲转载或传播此文章，必须保证此文章的副本，包括版权声明等全部内容。声明雷神众测允许，不得任意修改或增减此文章内容，不得以任何方式将其用于商业目的。

补天白帽城市沙龙-广州站门票获取方式公布！速速围观~

Weak and reused credentials continue to plague users and organizations. Learn from Specops software about why passwords are so easy to hack and how organizations can fortify their security efforts. [...]

A vulnerability classified as critical was found in DrayTek Vigor 3900 1.5.1.3. This vulnerability affects the function set_ap_map_config of the file cgi-bin/mainfunction.cgi. The manipulation of the argument action leads to command injection. This vulnerability was named CVE-2024-45888. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in DrayTek Vigor 3900 1.5.1.3. This affects the function setSWMOption of the file cgi-bin/mainfunction.cgi. The manipulation of the argument action leads to command injection. This vulnerability is uniquely identified as CVE-2024-45893. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Michael Gangolf Accordion title for Elementor Plugin up to 1.2.1 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-51685. The attack may be launched remotely. There is no exploit available.

The flaw, an exploitable stack buffer underflow in SQLite, was found by Google’s Big Sleep team using a large language model (LLM)

A vulnerability was found in Michael Gangolf Custom Post Type Templates for Elementor Plugin up to 1.10.1 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-51683. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in CodeRevolution WP Pocket URLs Plugin up to 1.0.3 on WordPress. It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-51681. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in CrestaProject Cresta Addons for Elementor Plugin up to 1.0.9 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-51680. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in WebberZone Knowledge Base Plugin up to 2.2.0 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-51677. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in Draytek Vigor 3900 1.5.1.3. This affects the function backup of the file mainfunction.cgi. The manipulation leads to command injection. This vulnerability is uniquely identified as CVE-2024-51251. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Draytek Vigor 3900 1.5.1.3. Affected by this issue is the function reboot of the file mainfunction.cgi. The manipulation leads to command injection. This vulnerability is handled as CVE-2024-51249. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as critical was found in Draytek Vigor 3900 1.5.1.3. Affected by this vulnerability is the function doPPTP of the file mainfunction.cgi. The manipulation leads to command injection. This vulnerability is known as CVE-2024-51246. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as critical has been found in Draytek Vigor 3900 1.5.1.3. Affected is the function doL2TP of the file mainfunction.cgi. The manipulation leads to command injection. This vulnerability is traded as CVE-2024-51253. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Marcel Pol Elo Rating Shortcode Plugin up to 1.0.3 on WordPress. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-51678. The attack may be initiated remotely. There is no exploit available.