81 matches found

RedhatCVE
added 2025/05/22 2:38 a.m. | 4 views

CVE-2010-1359

SQL injection vulnerability in bluegateseo.inc.php in the Direct URL module for xt:Commerce, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the coID parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from...

6.8 CVSS | 8.6 AI score | 0.00428 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/18 8:16 p.m. | 5 views

CVE-2025-1359

A vulnerability, which was classified as problematic, has been found in SIAM Industria de Automação e Monitoramento SIAM 2.0. This issue affects some unknown processing of the file /qrcode.jsp. The manipulation of the argument url leads to cross site scripting. The attack may be initiated remotel...

5.3 CVSS | 6 AI score | 0.07491 EPSS
Exploits: 0 | References: 1

NVD
added 2025/02/16 8:15 p.m. | 10 views

CVE-2025-1359

A vulnerability, which was classified as problematic, has been found in SIAM Industria de Automação e Monitoramento SIAM 2.0. This issue affects some unknown processing of the file /qrcode.jsp. The manipulation of the argument url leads to cross site scripting. The attack may be initiated remotel...

5.3 CVSS | 0.07491 EPSS
Exploits: 0 | References: 3

Cvelist
added 2025/02/16 8:0 p.m. | 10 views

CVE-2025-1359 SIAM Industria de Automação e Monitoramento qrcode.jsp cross site scripting

A vulnerability, which was classified as problematic, has been found in SIAM Industria de Automação e Monitoramento SIAM 2.0. This issue affects some unknown processing of the file /qrcode.jsp. The manipulation of the argument url leads to cross site scripting. The attack may be initiated remotel...

5.3 CVSS | 0.07491 EPSS
Exploits: 0 | References: 3

Vulnrichment
added 2025/02/16 8:0 p.m. | 5 views

CVE-2025-1359 SIAM Industria de Automação e Monitoramento qrcode.jsp cross site scripting

A vulnerability, which was classified as problematic, has been found in SIAM Industria de Automação e Monitoramento SIAM 2.0. This issue affects some unknown processing of the file /qrcode.jsp. The manipulation of the argument url leads to cross site scripting. The attack may be initiated remotel...

5.3 CVSS | 6 AI score | 0.07491 EPSS
Exploits: 0 | References: 3

OpenVAS
added 2024/03/14 12:0 a.m. | 31 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1359)

The remote host is missing an update for the Huawei EulerOS...

7.5 CVSS | 8.5 AI score | 0.02793 EPSS
Exploits: 1 | References: 2

Circl
added 2024/02/13 8:22 p.m. | 0 views

CVE-2024-1359

creationtimestamp | type | source
---|---|---
2024-02-13 20:22:14+00:00 | seen | https://t.me/ctinow/184139
2024-03-05 02:01:53+00:00 | seen | https://t.me/ctinow/199811
2025-05-09 18:26:22+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/15808
...

9.1 CVSS | 8.6 AI score | 0.00584 EPSS
Exploits: 0 | References: 3

CVE
added 2024/02/13 6:52 p.m. | 82 views

CVE-2024-1359

Summary: CVE-2024-1359 is a command injection vulnerability in GitHub Enterprise Server that allowed an attacker with the Management Console’s editor role to escalate to admin/root SSH access when configuring an HTTP proxy. Affected products/versions: all GitHub Enterprise Server versions prior t...

9.1 CVSS | 9.4 AI score | 0.00584 EPSS
Exploits: 0 | References: 4 | Affected Software: 1

Cvelist
added 2024/02/13 6:52 p.m. | 16 views

CVE-2024-1359 Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Management Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting up an HTTP proxy. Exploitation of this vulnerability required access to the GitHub Enterprise...

9.1 CVSS | 9.7 AI score | 0.00584 EPSS
Exploits: 0 | References: 4

Hacker One
added 2024/01/18 10:11 a.m. | 14 views

GitHub: Management Console Editor Privilege Escalation to Root SSH Access in GitHub Enterprise Server via RCE in ghe-update-check

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting up an HTTP proxy. This vulnerability affected all versions of GitHub Enterprise Server prior t...

9.1 CVSS | 9.6 AI score | 0.00584 EPSS
Exploits: 0

Hive Pro Threat Advisories
added 2023/06/20 7:53 a.m. | 41 views

STORM-1359 DDoS triggered outage of Microsoft Services

Summary: The STORM-1359 group, a.k.a. Anonymous Sudan, recently targeted Microsoft services with a DDoS attack, resulting in the disruption of multiple services...

6.8 AI score
Exploits: 0

The Hacker News
added 2023/06/19 8:37 a.m. | 37 views

Microsoft Blames Massive DDoS Attack for Azure, Outlook, and OneDrive Disruptions

Microsoft on Friday attributed a string of service outages aimed at Azure, Outlook, and OneDrive earlier this month to an uncategorized cluster it tracks under the name Storm-1359. "These attacks likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud...

6.7 AI score
Exploits: 0

The Hacker News
added 2023/06/19 8:37 a.m. | 3 views

Microsoft Blames Massive DDoS Attack for Azure, Outlook, and OneDrive Disruptions

Microsoft on Friday attributed a string of service outages aimed at Azure, Outlook, and OneDrive earlier this month to an uncategorized cluster it tracks under the name Storm-1359. "These attacks likely rely on access to multiple virtual private servers (VPS) in conjunction with rented cloud...

6.8 AI score
Exploits: 0

MSRC
added 2023/06/16 7:0 a.m. | 20 views

Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks

Summary: Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability. Microsoft promptly opened an investigation and subsequently began tracking ongoing DDoS activity by the threat actor that Microsoft tracks as...

6.9 AI score
Exploits: 0

MSRC
added 2023/06/16 7:0 a.m. | 12 views

Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks

Summary: Beginning in early June 2023, Microsoft identified surges in traffic against some services that temporarily impacted availability. Microsoft promptly opened an investigation and subsequently began tracking ongoing DDoS activity by the threat actor that Microsoft tracks as Storm-1359. Thes...

7.2 AI score
Exploits: 0

CVE
added 2023/03/12 8:0 a.m. | 51 views

CVE-2023-1359

CVE-2023-1359 affects SourceCodester Gadget Works Online Ordering System 1.0, specifically the Add New User component. The issue arises in /philosophy/admin/user/controller.php?action=add via manipulation of the U_NAME parameter, leading to cross-site scripting. Exploitation is remote and the vul...

4.8 CVSS | 4.4 AI score | 0.00302 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

Vulnrichment
added 2023/03/12 8:0 a.m. | 6 views

CVE-2023-1359 SourceCodester Gadget Works Online Ordering System Add New User cross site scripting

A vulnerability has been found in SourceCodester Gadget Works Online Ordering System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /philosophy/admin/user/controller.php?action=add of the component Add New User. The manipulation of the argument U_NAME leads ...

3.3 CVSS | 5 AI score | 0.00302 EPSS
Exploits: 1 | References: 3

Circl
added 2022/05/18 12:27 a.m. | 0 views

CVE-2022-1359

creationtimestamp | type | source
---|---|---
2022-05-18 00:27:57+00:00 | seen | https://t.me/cibsecurity/42871
...

7.5 CVSS | 7.3 AI score | 0.00293 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2022/05/17 8:15 p.m. | 3 views

CVE-2022-1359 Cambium Networks cnMaestro Path Traversal

The affected On-Premise cnMaestro is vulnerable to an arbitrary file-write through improper limitation of a pathname to a restricted directory inside a specific route. If an attacker supplied path traversal characters ../ as part of a filename, the server will save the file where the attacker...

5.7 CVSS | 6.8 AI score | 0.00293 EPSS
Exploits: 0 | References: 1

CVE
added 2022/05/17 8:15 p.m. | 68 views

CVE-2022-1359

The CVE-2022-1359 entry describes an arbitrary file-write path traversal vulnerability in Cambium Networks cnMaestro On-Premises. An attacker can supply ../ in a filename to write data to arbitrary server files via a restricted pathname in a specific route. This affects On-Premise cnMaestro and c...

7.5 CVSS | 6.5 AI score | 0.00293 EPSS
Exploits: 0 | References: 1 | Affected Software: 1