Sermon'e – Sermons Online Security Vulnerabilities

cvelist

CVE-2024-28189 Judge0 vulnerable to Sandbox Escape Patch Bypass via chown running on Symbolic Link

Judge0 is an open-source online code execution system. The application uses the UNIX chown command on an untrusted file within the sandbox. An attacker can abuse this by creating a symbolic link (symlink) to a file outside the sandbox, allowing the attacker to run chown on arbitrary files outside.....

10 CVSS

9.9 AI Score

0.0004 EPSS

2024-04-18 02:40 PM
cvelist

CVE-2024-28185 Judge0 vulnerable to Sandbox Escape via Symbolic Link

Judge0 is an open-source online code execution system. The application does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox. When executing a submission, Judge0 writes a...

10 CVSS

9.9 AI Score

0.0004 EPSS

2024-04-18 02:31 PM
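The two Judge0 entries above share one root cause: the host acts on a path inside an attacker-controlled directory with calls that follow symlinks, so a link planted by the submission redirects a write (CVE-2024-28185) or a chown (CVE-2024-28189) to a file outside the sandbox. The Python below is an added example and not Judge0's own code (Judge0 is a Ruby application driving the isolate sandbox, and the real file names it uses are not reproduced here). It builds a constructed temporary layout with a hypothetical `stdout` symlink and `victim.txt` target, shows both unsafe calls landing on the outside file, and shows a hardened variant that opens with O_NOFOLLOW, verifies the opened inode is a regular file, and then writes or fchown()s through that descriptor so the name cannot be swapped for a symlink between check and use.

```python
import errno
import os
import stat
import tempfile
from pathlib import Path


class SandboxEscape(Exception):
    """A sandbox-relative name would have touched something outside the sandbox."""


def make_layout():
    """Constructed demo layout (not Judge0's real directory structure):
    <tmp>/box is the per-submission sandbox, <tmp>/outside/victim.txt must never be
    reachable from it. The "submission" plants a symlink named `stdout` (the name the
    host later writes to and chowns) that points at the victim file."""
    root = Path(tempfile.mkdtemp(prefix="judge0-symlink-demo-"))
    sandbox, outside = root / "box", root / "outside"
    sandbox.mkdir()
    outside.mkdir()
    victim = outside / "victim.txt"
    victim.write_text("untouched\n")
    (sandbox / "stdout").symlink_to(victim)  # attacker controls the sandbox contents
    return sandbox, victim


def naive_write(sandbox, name, data):
    """Unsafe: open() follows the symlink, so the host overwrites the victim file."""
    with open(sandbox / name, "w") as f:
        f.write(data)
    return Path(os.path.realpath(sandbox / name))  # where the write really landed


def naive_chown(sandbox, name, uid, gid):
    """Unsafe: os.chown() follows symlinks by default, like chown(1) on a link."""
    os.chown(sandbox / name, uid, gid)
    return Path(os.path.realpath(sandbox / name))  # which inode was actually chowned


def _open_regular_nofollow(sandbox, name, extra_flags, mode=0o600):
    """Open sandbox/<name> refusing a symlink in the final component (O_NOFOLLOW) and
    anything that is not a regular file. The returned fd pins the inode we checked, so
    a later write/fchown cannot be redirected by swapping the name for a symlink
    (no lstat-then-act race). O_NONBLOCK stops an attacker-planted FIFO hanging us."""
    if name != os.path.basename(name) or name in ("", ".", ".."):
        raise SandboxEscape(f"refusing path-like name {name!r}")
    flags = extra_flags | os.O_NOFOLLOW | os.O_NONBLOCK | os.O_CLOEXEC
    try:
        fd = os.open(sandbox / name, flags, mode)
    except OSError as e:
        if e.errno in (errno.ELOOP, errno.EMLINK):  # final component is a symlink
            raise SandboxEscape(f"{name!r} is a symlink") from e
        raise
    try:
        if not stat.S_ISREG(os.fstat(fd).st_mode):
            raise SandboxEscape(f"{name!r} is not a regular file")
    except BaseException:
        os.close(fd)
        raise
    return fd


def safe_write(sandbox, name, data):
    fd = _open_regular_nofollow(sandbox, name, os.O_WRONLY | os.O_CREAT | os.O_TRUNC)
    try:
        os.write(fd, data.encode())
    finally:
        os.close(fd)
    return sandbox / name


def safe_chown(sandbox, name, uid, gid):
    fd = _open_regular_nofollow(sandbox, name, os.O_RDONLY)
    try:
        os.fchown(fd, uid, gid)  # acts on the opened inode, never on a link target
    finally:
        os.close(fd)
    return sandbox / name


def _blocked(action):
    try:
        action()
    except SandboxEscape:
        return True
    return False


def demo():
    """Run the unsafe and hardened paths against fresh copies of the layout."""
    uid, gid = os.getuid(), os.getgid()  # chown to ourselves works without root
    r = {}
    sandbox, victim = make_layout()
    r["naive_write_lands_on"] = naive_write(sandbox, "stdout", "owned\n").name
    r["victim_after_naive_write"] = victim.read_text()
    r["naive_chown_lands_on"] = naive_chown(sandbox, "stdout", uid, gid).name

    sandbox, victim = make_layout()
    r["safe_write_blocked"] = _blocked(lambda: safe_write(sandbox, "stdout", "owned\n"))
    r["safe_chown_blocked"] = _blocked(lambda: safe_chown(sandbox, "stdout", uid, gid))
    r["traversal_blocked"] = _blocked(lambda: safe_write(sandbox, "../outside/victim.txt", "x"))
    r["victim_after_safe"] = victim.read_text()
    safe_write(sandbox, "stderr", "legit\n")  # an ordinary sandbox file still works
    safe_chown(sandbox, "stderr", uid, gid)
    r["legit_file"] = (sandbox / "stderr").read_text()
    return r
```

Calling `demo()` returns the outcomes of both runs: the naive calls report `victim.txt` as the inode they touched and the victim's contents change, while the hardened calls raise `SandboxEscape` and leave it untouched. A check of the form lstat-then-chown is weaker than the descriptor-pinned version because the attacker can replace the name between the two calls; that is a general caveat about this bug class, not a statement about how the Judge0 patch was bypassed, which the entry above does not detail. The example only validates the final path component, so the sandbox directory itself must be one the host created and the submission cannot rename or replace.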
thn

New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks

A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure. The malware is "notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android.....

7 AI Score

2024-04-18 10:31 AM
35
thn

Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide

As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials from victims around the world. Described as one of the largest Phishing-as-a-Service (PhaaS) providers,...

7.2 AI Score

2024-04-18 10:28 AM
15
nessus

FreeBSD : electron{27,28,29} -- multiple vulnerabilities (f90bf863-e43c-4db3-b5a8-d9603684657a)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the f90bf863-e43c-4db3-b5a8-d9603684657a advisory. An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame...

5.9 CVSS

7.8 AI Score

0.0005 EPSS

2024-04-18 12:00 AM
9
wpvulndb

Jotform Online Forms < 1.3.2 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode

Description The Jotform Online Forms – Drag & Drop Form Builder, Securely Embed Contact Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on...

6.4 CVSS

5.7 AI Score

0.0004 EPSS

2024-04-18 12:00 AM
5
malwarebytes

Should you share your location with your partner?

Every relationship has its disagreements. Who takes out the trash and washes the dishes? Who plans the meals and writes out the grocery list? And when is it okay to start tracking one another’s location? Location sharing is becoming the norm between romantic partners—50% of people valued...

6.9 AI Score

2024-04-17 07:54 PM
15
cve

CVE-2024-32527

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jotform Jotform Online Forms allows Stored XSS.This issue affects Jotform Online Forms: from n/a through...

6.5 CVSS

6.6 AI Score

0.0004 EPSS

2024-04-17 10:15 AM
32
nvd

CVE-2024-32527

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jotform Jotform Online Forms allows Stored XSS.This issue affects Jotform Online Forms: from n/a through...

6.5 CVSS

6.4 AI Score

0.0004 EPSS

2024-04-17 10:15 AM
securelist

SoumniBot: the new Android banker’s unique techniques

The creators of widespread malware programs often employ various tools that hinder code detection and analysis, and Android malware is no exception. As an example of this, droppers, such as Badpack and Hqwar, designed for stealthily delivering Trojan bankers or spyware to smartphones, are very...

7.4 AI Score

2024-04-17 10:00 AM
14
cvelist

CVE-2024-32527 WordPress Jotform Online Forms plugin <= 1.3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jotform Jotform Online Forms allows Stored XSS.This issue affects Jotform Online Forms: from n/a through...

6.5 CVSS

6.5 AI Score

0.0004 EPSS

2024-04-17 09:46 AM
hackread

Cyberattacks Surge 325% in Philippines Amid South China Sea Standoff

By Deeba Ahmed The Philippines finds itself under an online siege as tensions escalate in the South China Sea (SCS) with China, claims cybersecurity firm Resecurity. This is a post from HackRead.com Read the original post: Cyberattacks Surge 325% in Philippines Amid South China Sea...

7.5 AI Score

2024-04-17 09:17 AM
5
nessus

FreeBSD : php -- Multiple vulnerabilities (6d82c5e9-fc24-11ee-a689-04421a1baf97)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 6d82c5e9-fc24-11ee-a689-04421a1baf97 advisory. This update includes 3 security fixes: (CVE-2024-1874, CVE-2024-2756, CVE-2024-2757,...

9.4 CVSS

8.8 AI Score

0.0004 EPSS

2024-04-17 12:00 AM
9
wpvulndb

Church Content – Sermons, Events and More < 2.6.1 - Cross-Site Request Forgery to Notice Dismissal

Description The Church Content – Sermons, Events and More plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.6. This is due to missing or incorrect nonce validation on the ctc_hide_theme_support_notice() function. This makes it possible for...

4.3 CVSS

6.6 AI Score

0.0004 EPSS

2024-04-17 12:00 AM
6
malwarebytes

Giant Tiger breach sees 2.8 million records leaked

Someone has posted a database of over 2.8 million records to a hacker forum, claiming they originated from a March 2024 hack at Canadian retail chain Giant Tiger. When asked, they posted a small snippet as proof. The download of the full database is practically free for other active members of...

7.2 AI Score

2024-04-16 01:07 PM
14
thn

Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown

Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a remote access trojan called Hive RAT (previously Firebird). The U.S. Justice Department (DoJ) said the malware "gave the malware purchasers control over victim computers...

7.5 AI Score

2024-04-16 07:33 AM
11
impervablog

Five Key Takeaways from the 2024 Imperva Bad Bot Report

Bad bots continue to affect consumers and organizations across all sectors. For over eleven years, Imperva has been dedicated to helping organizations manage and mitigate the threat of bad bots. We’ve published the 2024 Imperva Bad Bot Report as part of our commitment to helping organizations...

7 AI Score

2024-04-16 07:01 AM
9
nessus

FreeBSD : PuTTY and embedders (f.i., filezilla) -- biased RNG with NIST P521/ecdsa-sha2-nistp521 signatures permits recovering private key (080936ba-fbb7-11ee-abc8-6960f2492b1d)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 080936ba-fbb7-11ee-abc8-6960f2492b1d advisory. In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover...

5.9 CVSS

5.5 AI Score

0.002 EPSS

2024-04-16 12:00 AM
15
cve

CVE-2024-31651

A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name...

6 AI Score

0.0004 EPSS

2024-04-15 10:15 PM
24
nvd

CVE-2024-31651

A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name...

5.8 AI Score

0.0004 EPSS

2024-04-15 10:15 PM
1
cve

CVE-2024-31649

A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name...

6 AI Score

0.0004 EPSS

2024-04-15 09:15 PM
23
cve

CVE-2024-31650

A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name...

6 AI Score

0.0004 EPSS

2024-04-15 09:15 PM
22
nvd

CVE-2024-31652

A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search...

5.8 AI Score

0.0004 EPSS

2024-04-15 09:15 PM
nvd

CVE-2024-31649

A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name...

5.8 AI Score

0.0004 EPSS

2024-04-15 09:15 PM
nvd

CVE-2024-31650

A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name...

5.8 AI Score

0.0004 EPSS

2024-04-15 09:15 PM
cve

CVE-2024-31652

A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search...

6 AI Score

0.0004 EPSS

2024-04-15 09:15 PM
28
thn

AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead

Imagine a world where the software that powers your favorite apps, secures your online transactions, and keeps your digital life could be outsmarted and taken over by a cleverly disguised piece of code. This isn't a plot from the latest cyber-thriller; it's actually been a reality for years now....

8.3 AI Score

2024-04-15 01:30 PM
10
cve

CVE-2024-32094

Cross-Site Request Forgery (CSRF) vulnerability in ChurchThemes Church Content – Sermons, Events and More.This issue affects Church Content – Sermons, Events and More: from n/a through...

4.3 CVSS

6.9 AI Score

0.0004 EPSS

2024-04-15 09:15 AM
28
nvd

CVE-2024-32094

Cross-Site Request Forgery (CSRF) vulnerability in ChurchThemes Church Content – Sermons, Events and More.This issue affects Church Content – Sermons, Events and More: from n/a through...

4.3 CVSS

4.6 AI Score

0.0004 EPSS

2024-04-15 09:15 AM
cvelist

CVE-2024-32094 WordPress Church Content plugin <= 2.6 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in ChurchThemes Church Content – Sermons, Events and More.This issue affects Church Content – Sermons, Events and More: from n/a through...

4.3 CVSS

4.9 AI Score

0.0004 EPSS

2024-04-15 08:58 AM
malwarebytes

A week in security (April 8 – April 14)

Last week on Malwarebytes Labs: How to change your Social Security Number Apple warns people of mercenary attacks via threat notification system How to check if your data was exposed in the AT&T breach Microsoft’s April 2024 Patch Tuesday includes two actively exploited zero-day vulnerabilities...

7 AI Score

2024-04-15 07:27 AM
6
osv

Malicious code in trip-component-platform-online-header (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (6902c9afc31fa0c3a2b8cc9970a33d7a27356e2171646b06e01e383655efea51) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI Score

2024-04-15 06:22 AM
5
osv

Malicious code in trip-component-platform-online-usp (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (a6a881b5f34acb08b303ac7f027ae585053ffab51b72cfa79a2bb4b4cbdf3f55) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI Score

2024-04-15 06:22 AM
4
osv

Malicious code in trip-component-platform-online-footer (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (d2b1894dd696dfb0e732a29e63d51abc46571ac2e0b0528d22359a070066b65d) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI Score

2024-04-15 06:22 AM
7
osv

Malicious code in trip-component-platform-online-goto (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (b9bf43d6e49697b8f9e4d87c7cc739e1b31a2db5132fabce880c79cb4d1fd860) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI Score

2024-04-15 06:22 AM
3
osv

Malicious code in trip-component-platform-online-prepermission-popup (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (5e7792da9bcfb9756c78247a525424f0782b412e24f2479452b818867cc71096) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI Score

2024-04-15 06:22 AM
7
osv

Malicious code in trip-component-platform-online-cookie-banner (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (949e41fb87570733314ef5f1c461cb8f7d60ec996c7e12a4df38a36cc03d7b86) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI Score

2024-04-15 06:22 AM
4
cvelist

CVE-2024-31652

A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search...

6 AI Score

0.0004 EPSS

2024-04-15 12:00 AM
cvelist

CVE-2024-31650

A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name...

6 AI Score

0.0004 EPSS

2024-04-15 12:00 AM
cvelist

CVE-2024-31651

A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name...

6 AI Score

0.0004 EPSS

2024-04-15 12:00 AM
cvelist

CVE-2024-31649

A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Name...

6 AI Score

0.0004 EPSS

2024-04-15 12:00 AM
nessus

FreeBSD : go -- http2: close connections when receiving too many headers (cdb5e0e3-fafc-11ee-9c21-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cdb5e0e3-fafc-11ee-9c21-901b0e9408dc advisory. An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an...

6.2 AI Score

0.0004 EPSS

2024-04-15 12:00 AM
7
vulnrichment

CVE-2024-31652

A cross-site scripting (XSS) in Cosmetics and Beauty Product Online Store v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search...

6.2 AI Score

0.0004 EPSS

2024-04-15 12:00 AM
nessus

FreeBSD : chromium -- multiple security fixes (7314942b-0889-46f0-b02b-2c60aabe4a82)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 7314942b-0889-46f0-b02b-2c60aabe4a82 advisory. Out of bounds memory access in Compositing in Google Chrome prior to 123.0.6312.122 allowed a...

8.5 AI Score

0.0004 EPSS

2024-04-13 12:00 AM
11
nessus

Debian dsa-5658 : affs-modules-6.1.0-11-4kc-malta-di - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5658 advisory. A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in...

8 CVSS

7.6 AI Score

EPSS

2024-04-13 12:00 AM
30
Total number of security vulnerabilities: 42696