Aggregator

A recent investigation has uncovered a malicious application, DriverEasy, masquerading as a legitimate Google Chrome update to steal user credentials. The malware leverages Dropbox’s API to exfiltrate sensitive information, including passwords, and is linked to North Korea’s cyber-espionage campaign known as “Contagious Interview.” Password Theft via Fake Prompts DriverEasy, written in Swift and Objective-C, deploys […]

The post Fake Chrome Update Delivers DriverEasy Malware by Abusing Dropbox appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A vulnerability, which was classified as critical, has been found in Uniclare Student Portal up to 2. Affected by this issue is some unknown functionality of the component Forgot Password Handler. The manipulation leads to sql injection. This vulnerability is handled as CVE-2024-57401. The attack may be launched remotely. There is no exploit available.

Fake job ads target freelance developers, spreading malware via GitHub

A vulnerability classified as problematic was found in PHPJabbers Cinema Booking System 1.0. Affected by this vulnerability is an unknown functionality of the component Now Showing Menu. The manipulation of the argument date leads to cross site scripting. This vulnerability is known as CVE-2023-51330. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in PHPJabbers Bus Reservation System 1.1. Affected is an unknown function. The manipulation of the argument title/name leads to cross site scripting. This vulnerability is traded as CVE-2023-51318. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in PHPJabbers Shared Asset Booking System 1.0. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument title/name leads to cross site scripting. The identification of this vulnerability is CVE-2023-51325. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in PHPJabbers Restaurant Booking System 3.0. It has been declared as problematic. This vulnerability affects unknown code of the component Schedule Section. The manipulation of the argument date leads to cross site scripting. This vulnerability was named CVE-2023-51312. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in PHPJabbers Event Ticketing System 1.0. It has been classified as problematic. This affects an unknown part. The manipulation of the argument name/title leads to cross site scripting. This vulnerability is uniquely identified as CVE-2023-51306. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in PHPJabbers Cleaning Business Software 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Forgot Password Handler. The manipulation leads to denial of service. This vulnerability is handled as CVE-2023-51327. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in PHPJabbers Meeting Room Booking System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Forgot Password Handler. The manipulation leads to denial of service. This vulnerability is known as CVE-2023-51332. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in PHPJabbers Restaurant Booking System 3.0. Affected is an unknown function. The manipulation of the argument seat_name/plugin_sms_api_key/plugin_sms_country_code/title/name leads to cross site scripting. This vulnerability is traded as CVE-2023-51315. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in IBM Security Verify Access up to 10.0.0.9/11.0.0.0. This issue affects some unknown processing. The manipulation leads to code injection. The identification of this vulnerability is CVE-2025-0161. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in PHPJabbers Cleaning Business Software 1.0. This vulnerability affects unknown code of the component Forgot Password Handler. The manipulation leads to denial of service. This vulnerability was named CVE-2023-51326. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in PHPJabbers Cleaning Business Software 1.0. This affects an unknown part of the component Languages Section Label Handler. The manipulation leads to csv injection. This vulnerability is uniquely identified as CVE-2023-51331. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Ping Identity PingAM Java Policy Agent up to 5.10.3/2023.11.1/2024.9. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to relative path traversal. This vulnerability is handled as CVE-2025-20059. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in PHPJabbers Restaurant Booking System 3.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation of the argument name/plugin_sms_api_key/plugin_sms_country_code/title/plugin_sms_api_key leads to basic cross site scripting. This vulnerability is known as CVE-2023-51317. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in PHPJabbers Car Park Booking System 3.0. It has been classified as problematic. Affected is an unknown function. The manipulation of the argument name/plugin_sms_api_key/plugin_sms_country_code/title/plugin_sms_api_key leads to basic cross site scripting. This vulnerability is traded as CVE-2023-51308. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in PHPJabbers Night Club Booking Software 1.0 and classified as problematic. This issue affects some unknown processing of the component Forgot Password Handler. The manipulation leads to denial of service. The identification of this vulnerability is CVE-2023-51321. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in PHPJabbers Car Park Booking System 3.0 and classified as problematic. This vulnerability affects unknown code of the component Forgot Password Handler. The manipulation leads to denial of service. This vulnerability was named CVE-2023-51310. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as critical, was found in PHPJabbers PHPJabbers Night Club Booking Software 1.0. This affects an unknown part of the component Languages Section Label Handler. The manipulation leads to csv injection. This vulnerability is uniquely identified as CVE-2023-51320. It is possible to initiate the attack remotely. There is no exploit available.