Lucene search
K

125 matches found

Trend Micro Simply Security
Trend Micro Simply Security
added 2023/07/28 12:0 a.m.12 views

Related CherryBlos and FakeTrade Android Malware Involved in Scam Campaigns

Trend Micro’s Mobile Application Reputation Service MARS team discovered two new related Android malware families involved in cryptocurrency-mining and financially-motivated scam campaigns targeting Android users...

7AI score
Exploits0
Hacker One
Hacker One
added 2023/07/10 1:29 p.m.47 views

Mars: Html injection

The consultant identified that the show parameter can reflect into the HTML page. An attacker could have crafted a malicious query that resulted in the inclusion of attacker-controlled HTML elements on the web page, changing the content presented to users. The vulnerability was assessed to have a...

6.7AI score
Exploits0
Hacker One
Hacker One
added 2023/06/24 3:42 p.m.30 views

Mars: Stored XSS + CSRF in "apellido" value

A stored cross-site scripting and cross-site request forgery vulnerability was discovered in the "apellido" value of a user profile updating form, allowing unauthorized changes to be made to user accounts...

6.3AI score
Exploits0
Packet Storm
Packet Storm
added 2023/04/26 12:0 a.m.397 views

Mars Stealer 8.3 Account Takeover

Exploit Title: Mars Stealer 8.3 - Admin Account Takeover Product: Mars Stelaer Technology: PHP Version: 8.3 Google Dork: N/A Date: 20.04.2023 Tested on: Linux Author: Sköll - twitter.com/skoll import argparse import requests parser = argparse.ArgumentParserdescription='Mars Stealer Account Takeov...

6.8AI score
Exploits0
0day.today
0day.today
added 2023/04/25 12:0 a.m.281 views

Mars Stealer 8.3 - Admin Account Takeover Exploit

Exploit Title: Mars Stealer 8.3 - Admin Account Takeover Product: Mars Stelaer Technology: PHP Version: 8.3 Google Dork: N/A Date: 20.04.2023 Tested on: Linux Author: Sköll - twitter.com/skoll import argparse import requests parser = argparse.ArgumentParserdescription='Mars Stealer Account Takeov...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2023/04/25 12:0 a.m.287 views

Mars Stealer 8.3 - Admin Account Takeover

Exploit Title: Mars Stealer 8.3 - Admin Account Takeover Product: Mars Stelaer Technology: PHP Version: 8.3 Google Dork: N/A Date: 20.04.2023 Tested on: Linux Author: Sköll - twitter.com/skoll import argparse import requests parser = argparse.ArgumentParserdescription='Mars Stealer Account Takeov...

7.4AI score
Exploits0
Hacker One
Hacker One
added 2023/04/23 10:9 p.m.22 views

Mars: ' Full Account Takeover ' at █████

A severe vulnerability was identified in the login functionality of a website belonging to Mars. An unauthorized actor could manipulate the server's response from the ██████████ endpoint to gain unauthorized access to any user account on the platform, leading to a full account takeover...

7.2AI score
Exploits0
Hacker One
Hacker One
added 2023/04/12 6:46 a.m.19 views

Mars: Response Manipulation lead to bypass verification code while making appointment at `█████████`

The vulnerability allowed bypassing the verification code when making an appointment at █████████. The response could be manipulated to change the verification check from false to true, enabling the appointment to be completed without the correct code...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/21 10:35 a.m.42 views

Researchers Discover Numerous Samples of Information Stealer 'Stealc' in the Wild

A new information stealer called Stealc that's being advertised on the dark web could emerge as a worthy competitor to other malware of its ilk. "The threat actor presents Stealc as a fully featured and ready-to-use stealer, whose development relied on Vidar, Raccoon, Mars, and RedLine stealers,"...

Exploits0
CNNVD
CNNVD
added 2023/01/08 12:0 a.m.3 views

curiosity SQL注入漏洞

curiosity is an application by the individual developer Corin Cerami. It provides image data from NASA's Curiosity Mars Rover. A SQL injection vulnerability exists in curiosity, which stems from the fact that incorrect manipulation of the parameter sol can lead to sql injection...

9.8CVSS6.5AI score0.00653EPSS
Exploits0References5
Openbugbounty
Openbugbounty
added 2022/10/04 6:6 a.m.16 views

mars-meble.pl Cross Site Scripting vulnerability OBB-2976190

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Exploits0
Hacker One
Hacker One
added 2022/09/27 5:29 p.m.99 views

Mars: Jolokia Reflected XSS

Summary: salam Hi team i hope you are well , after doing some recon on mars.com i saw that the website use jolkia 1.3.5 it's vulnerable to reflected XSS Steps To Reproduce: 1. Vuln Link : https://couponsmanager-uat.b2b.mars.com/jolokia/read%3Csvg%20onload=alertdocument.cookie%3E?mimeType=text/htm...

4.3CVSS1.8AI score0.25459EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/08/18 12:0 a.m.38 views

Microsoft Azure Recovery Services (MARS) Agent Installed

Binary data microsoftazurerecoveryservicesagentinstalled.nbin...

7.3AI score
Exploits0References1
Trellix
Trellix
added 2022/05/23 12:0 a.m.9 views

Utilizing the Adaptive Defense Model Against Information Stealers

Trellix Global Defenders: Utilizing the Adaptive Defense Model Against Information Stealers By Taylor Mullins · May 23, 2022 Trellix is continuing to observe the continued growth in usage and general availability of Information Stealers that have the functionality to collect passwords, cookies,...

0.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/05/10 12:44 p.m.26 views

Experts Detail Saintstealer and Prynt Stealer Info-Stealing Malware Families

Cybersecurity researchers have dissected the inner workings of an information-stealing malware called Saintstealer that's designed to siphon credentials and system information. "After execution, the stealer extracts username, passwords, credit card details, etc.," Cyble researchers said in an...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/04/05 6:36 p.m.20 views

Colibri Loader combines Task Scheduler and PowerShell in clever persistence technique

This blog post was authored by Ankur Saini, with contributions from Hossein Jazi and Jérôme Segura 2022-04-07: Added MITRE ATT&CK mappings 2022-04-07: Changed the name of the final payload from Vidar to Mars Stealer Colibri Loader is a relatively new piece of malware that first appeared on...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2022/04/04 7:38 a.m.27 views

Experts Shed Light on BlackGuard Infostealer Malware Sold on Russian Hacking Forums

A previously undocumented "sophisticated" information-stealing malware named BlackGuard is being advertised for sale on Russian underground forums for a monthly subscription of $200. "BlackGuard has the capability to steal all types of information related to Crypto wallets, VPN, Messengers, FTP...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2022/03/30 2:5 p.m.18 views

Researchers Expose Mars Stealer Malware Campaign Using Google Ads to Spread

A nascent information stealer called Mars has been observed in campaigns that take advantage of cracked versions of the malware to steal information stored in web browsers and cryptocurrency wallets. "Mars Stealer is being distributed via social engineering techniques, malspam campaigns, maliciou...

1.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/03/03 12:0 p.m.30 views

Encoded Message in the Perseverance Mars Lander’s Parachute

NASA made an oblique reference to a coded message in the color pattern of the Perseverance Mars Lander s parachute. More information...

3.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/07/09 12:0 a.m.37 views

SUSE SLED15 / SLES15 Security Update : freetds (SUSE-SU-2020:1417-2)

This update for freetds to 1.1.36 fixes the following issues : Security issue fixed : CVE-2019-13508: Fixed a heap overflow that could have been caused by malicious servers sending UDT types over protocol version 5.0 bsc1141132. Non-security issues fixed : Enabled Kerberos support Version update ...

9.8CVSS8.2AI score0.01781EPSS
Exploits0References4
Rows per page
Query Builder