CVE-2022-26148

A flaw was found in Grafana when integrated with Zabbix. The Zabbix password can be found in the apijsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right-click to view the source code and use Ctrl-F to search for the password in apijsonrpc.php to...

CVE-2022-26148

An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the apijsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in...

CVE-2022-26148

An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the apijsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in...

UBUNTU-CVE-2022-26148

An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the apijsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in...

CVE-2022-26148

Grafana (through 7.3.4) integrated with Zabbix contains a credentials disclosure flaw: the Zabbix password and URL can be exposed by inspecting api_jsonrpc.php in the HTML source after login/registration, enabling an attacker with access to the app to obtain sensitive Zabbix credentials. Root cau...

CVE-2022-26148

An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the apijsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in...

Conti Ransomware V. 3, Including Decryptor, Leaked

Pro-Ukraine security researcher @ContiLeaks yesterday uploaded a fresher version of Conti ransomware than they had previously released – specifically, the source code for Conti Ransomware V3.0 – to VirusTotal. ContiLeaks posted a link to the code on Twitter. The code includes a compiled locker an...

Grafana安全漏洞

Grafana is a set of open source monitoring tools from Grafana Labs that provides a visual monitoring interface. The tool is mainly used for monitoring and analyzing Graphite, InfluxDB, Prometheus, etc. A security vulnerability exists in Grafana version 7.3.4 and earlier, which stems from the fact...

MTN Group: Download full backup [Mtn.co.rw]

Summary: I discovered few critical vulnerabilities here, one of them is exposed backup files via directory listing. Steps To Reproduce: go to https://mtn.co.rw/mtn.zip and download the file extract the file and open you will see the full backup of the website Similar report:...

Attendance and Payroll System 安全漏洞

Attendance and Payroll System is an attendance and payroll system using PHP/MySQLi source code by oretnom23 individual developers. sourcecodester Attendance and Payroll System is vulnerable to remote code execution, which can be exploited by attackers to upload maliciously crafted PHP...

Atlassian Fisheye and Crucible Brute Force Exploits

Atlassian Fisheye is a suite of source code deep viewing software.Atlassian Crucible is a suite of code review tools. Atlassian Fisheye and Crucible are vulnerable to a brute force vulnerability due to a failure to check whether a user has exceeded their maximum failed login limit. An attacker...

Automatic Question Paper Generator System 1.0 Insecure Direct Object Reference

Exploit Title: Automatic Question Paper Generator System 1.0 - Authentication Bypass Date: 2022-04-03 Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15190/automatic-question-paper-generator-system-phpoop-free-source-code.html Version: 1.0 Tested on: Linux !/usr/bin/env...

Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code

Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones. "According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not...

Samsung Confirms Lapsus$ Ransomware Hit, Source Code Leak

Just days after leaking data it claims to have exfiltrated from chipmaker NVIDIA, ransomware group Lapsus$ is claiming another international company among its victims — this time releasing data purportedly stolen from Samsung Electronics. The consumer electronics giant confirmed in a media...

Samsung confirms data breach as Lapsus$ hackers leak its source code

By Waqas In total, Lapsus$ hackers have leaked 189 GB worth of sensitive data, while Samsung has confirmed the incident;… This is a post from HackRead.com Read the original post: Samsung confirms data breach as Lapsus$ hackers leak its source code...

Attendance and Payroll System v1.0 - Remote Code Execution Exploit

Exploit Title: Attendance and Payroll System v1.0 - Remote Code Execution RCE Exploit Author: pr0z Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip Version: v1.0 Tested on: Linux, MySQL, Apache import...

Hackers Who Broke Into NVIDIA's Network Leak DLSS Source Code Online

American chipmaking company NVIDIA on Tuesday confirmed that its network was breached as a result of a cyber attack, enabling the perpetrators to gain access to sensitive data, including source code purportedly associated with its Deep Learning Super Sampling DLSS technology. "We have no evidence...

Conti Ransomware Decryptor, TrickBot Source Code Leaked

The pro-Ukraine member of the Conti ransomware gang who promised to eviscerate the extortionists after they pledged support for the Russian government has spilled yet more Conti guts: The latest dump includes source code for Conti ransomware, TrickBot malware, a decryptor and the gang’s...

The Conti ransomware leaks

On February 27, an individual with insights into the Conti ransomware group started leaking a treasure trove of data beginning with internal chat messages. Conti is responsible for a number of high profile attacks, including one against the Irish Healthcare system which has cost more than $48...

Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict

UPDATE: As of March 2, 2022, Conti began taking down exposed infrastructure as a result of the chat disclosure. At that time, we assessed that due to their sophisticated capability, deep funding, and quick recovery from exposed infrastructure in November 2021, they remained an active and...