WordPress VikBooking Hotel Booking Engine ＆ PMS plugin信息泄露漏洞

WordPress and WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. WordPress VikBooking Hotel...

Oracle OpenJDK ECDSA Signatures Vulnerability (CVE-2022-21449)

Oracle OpenJDK is prone to vulnerability in the implementation of ECDSA signature verification Component: security-libs/java.security. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Responsive Online Blog 1.0 SQL Injection

Exploit Title: Responsive Online Blog 1.0 - Blind Boolean-based SQLi Date: 2022-04-16 Exploit Author: Gideon Kamioka @w1ezl Vendor Homepage: https://www.sourcecodester.com/php/14194/responsive-online-blog-website-using-phpmysql.html Software Link:...

CVE-2022-27423

Chamilo LMS v1.11.13 was discovered to contain a SQL injection vulnerability via the blogid parameter at /blog/blog.php...

CVE-2022-27425

Chamilo LMS v1.11.13 was discovered to contain a cross-site scripting XSS vulnerability via the component /blog/blog.php...

CVE-2022-27425

Chamilo LMS v1.11.13 was discovered to contain a cross-site scripting XSS vulnerability via the component /blog/blog.php...

CVE-2022-27425

Chamilo LMS v1.11.13 was discovered to contain a cross-site scripting XSS vulnerability via the component /blog/blog.php...

Sql injection

Chamilo LMS v1.11.13 was discovered to contain a SQL injection vulnerability via the blogid parameter at /blog/blog.php...

CVE-2022-27425

Chamilo LMS v1.11.13 was discovered to contain a cross-site scripting XSS vulnerability via the component /blog/blog.php...

John Oliver on Data Brokers

John Oliver has an excellent segment on data brokers and surveillance capitalism...

CVE-2022-27047

mogublogcms 5.2 suffers from upload arbitrary files without any limitation...

blog.blog.2020.ethereumpostage.info Cross Site Scripting vulnerability OBB-2484536

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Conti’s Hacker Manuals — Read, Reviewed & Analyzed

Conti is a notorious ransomware group that targets high-revenue organizations. They were first detected in 2020, and appear to be based in Russia. It is believed that the group is the successor to Ryuk ransomware group. According to Chainalysis, The ransomware group was the highest grossing of al...

CVE-2022-26619

Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the Attachment Upload function...

CVE-2022-26619

Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the Attachment Upload function...

CVE-2022-26619

Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the Attachment Upload function...

Hardcoded credentials

Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the Attachment Upload function...

CVE-2022-26619

Halo Blog CMS v1.4.17 contains an authentication-free flaw in the Attachment Upload function that enables uploading arbitrary files. This is the concrete detail reported across multiple sources (CVE-2022-26619). The impact stated in the CVE record indicates partial integrity impact with the abili...

CVE-2022-26619

Halo Blog CMS v1.4.17 was discovered to allow attackers to upload arbitrary files via the Attachment Upload function...

Halo 代码问题漏洞

Halo is a personal blog system for individual developers. A security vulnerability exists in Halo Blog CMS version 1.4.17, which can be exploited by attackers to upload arbitrary files via the attachment upload feature...