Unauthorized MFA Code Delivery in EmpowerID
Posted by Patel, Nirav on Aug 01 Severity: High Description: An identified security flaw is present in EmpowerID versions V7.205.0.0 and prior versions, causing the...
Pentest Paper – Introduction to Web Pentest
Posted by Andrey Stoykov on Aug 01 Just putting this for the new starters. It is in two languages, Bulgarian and English. https://drive.google.com/file/d/1mzYeratoSV82Oxaj_dYvu4fg7vSBuhE1/view https://drive.google.com/file/d/1b8obLloMnmQGI1gqAablzuTyKOFBRZjb/view Has...
Stored XSS – Perch
Posted by Andrey Stoykov on Aug 01 # Exploit Title: # Date: 07/2023 # Exploit Author: Andrey Stoykov # Version: 3.2 # Tested on: Windows...
ETSI WEBstore 2023 – Persistent Cross Site Scripting Web Vulnerability
Posted by info () vulnerability-lab com on Aug 01 Document Title: =============== ETSI WEBstore 2023 - Persistent Cross Site Scripting Web Vulnerability References (Source): ====================...
Novel Worm-Like Malware P2Pinfect Targets Redis Deployments
Cado Security said the malware acts as a botnet and is compatibille with both Windows and Linux Read More
Canon Inkjet Printers Expose Wi-Fi Threat
The printers retained various information after re-initialization, including SSIDs and passwords Read More
Cloud Tech Debt Puts Millions of Apps at Risk, Says New Report
Published by Qualys, the document draws from anonymized global cloud scans conducted in April 2023 Read More
New Infostealer Uncovered in Phishing Scam Targeting Facebook Business Accounts
Unit 42 researchers detail a campaign that aimed to instal an infostealer variant capable of taking over Facebook business accounts Read More
CVE-2022-39986 (raspap)
A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php. Read...
chromium-115.0.5790.110-1.fc38
FEDORA-2023-95d73a5f50 Packages in this update: chromium-115.0.5790.110-1.fc38 Update description: update to 115.0.5790.110. Fixes the following security issue: CVE-2022-4908 CVE-2022-4909 CVE-2022-4910 CVE-2022-4908 CVE-2022-4909 CVE-2022-4910 CVE-2022-4906 CVE-2022-4907 CVE-2022-4906...