MTN Group: Download full backup [Mtn.co.rw]

Summary: I discovered few critical vulnerabilities here, one of them is exposed backup files via directory listing. Steps To Reproduce: go to https://mtn.co.rw/mtn.zip and download the file extract the file and open you will see the full backup of the website Similar report:...

Attendance and Payroll System 安全漏洞

Attendance and Payroll System is an attendance and payroll system using PHP/MySQLi source code by oretnom23 individual developers. sourcecodester Attendance and Payroll System is vulnerable to remote code execution, which can be exploited by attackers to upload maliciously crafted PHP...

Atlassian Fisheye and Crucible Brute Force Exploits

Atlassian Fisheye is a suite of source code deep viewing software.Atlassian Crucible is a suite of code review tools. Atlassian Fisheye and Crucible are vulnerable to a brute force vulnerability due to a failure to check whether a user has exceeded their maximum failed login limit. An attacker...

Automatic Question Paper Generator System 1.0 Insecure Direct Object Reference

Exploit Title: Automatic Question Paper Generator System 1.0 - Authentication Bypass Date: 2022-04-03 Exploit Author: Mr Empy Software Link: https://www.sourcecodester.com/php/15190/automatic-question-paper-generator-system-phpoop-free-source-code.html Version: 1.0 Tested on: Linux !/usr/bin/env...

Samsung Confirms Data Breach After Hackers Leak Galaxy Source Code

Samsung on Monday confirmed a security breach that resulted in the exposure of internal company data, including the source code related to its Galaxy smartphones. "According to our initial analysis, the breach involves some source code relating to the operation of Galaxy devices, but does not...

Samsung Confirms Lapsus$ Ransomware Hit, Source Code Leak

Just days after leaking data it claims to have exfiltrated from chipmaker NVIDIA, ransomware group Lapsus$ is claiming another international company among its victims — this time releasing data purportedly stolen from Samsung Electronics. The consumer electronics giant confirmed in a media...

Samsung confirms data breach as Lapsus$ hackers leak its source code

By Waqas In total, Lapsus$ hackers have leaked 189 GB worth of sensitive data, while Samsung has confirmed the incident;… This is a post from HackRead.com Read the original post: Samsung confirms data breach as Lapsus$ hackers leak its source code...

Attendance and Payroll System v1.0 - Remote Code Execution Exploit

Exploit Title: Attendance and Payroll System v1.0 - Remote Code Execution RCE Exploit Author: pr0z Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/apsystem.zip Version: v1.0 Tested on: Linux, MySQL, Apache import...

Hackers Who Broke Into NVIDIA's Network Leak DLSS Source Code Online

American chipmaking company NVIDIA on Tuesday confirmed that its network was breached as a result of a cyber attack, enabling the perpetrators to gain access to sensitive data, including source code purportedly associated with its Deep Learning Super Sampling DLSS technology. "We have no evidence...

Conti Ransomware Decryptor, TrickBot Source Code Leaked

The pro-Ukraine member of the Conti ransomware gang who promised to eviscerate the extortionists after they pledged support for the Russian government has spilled yet more Conti guts: The latest dump includes source code for Conti ransomware, TrickBot malware, a decryptor and the gang’s...

The Conti ransomware leaks

On February 27, an individual with insights into the Conti ransomware group started leaking a treasure trove of data beginning with internal chat messages. Conti is responsible for a number of high profile attacks, including one against the Irish Healthcare system which has cost more than $48...

Conti Ransomware Group Internal Chats Leaked Over Russia-Ukraine Conflict

UPDATE: As of March 2, 2022, Conti began taking down exposed infrastructure as a result of the chat disclosure. At that time, we assessed that due to their sophisticated capability, deep funding, and quick recovery from exposed infrastructure in November 2021, they remained an active and...

Conti Ransomware Gang's Internal Chats Leaked Online After Siding With Russia

Days after the Conti ransomware group broadcasted a pro-Russian message pledging its allegiance to Vladimir Putin's ongoing invasion of Ukraine, an anonymous security researcher using the Twitter handle @ContiLeaks has leaked the syndicate's internal chats. The file dump, published by malware...

Driver Disk for Microsemi smartpqi 2.1.16-030 - For Citrix Hypervisor 8.2 LTSR

Who Should Install this Driver Disk? Customers running the Citrix Hypervisor 8.2 LTSR release who use Microsemi's smartpqi driver and wish to use the latest version of the following: Driver Module| Version ---|--- smartpqi| 2.1.16-030 Issues Resolved In this Driver Disk Includes general...

Out-of-bounds Write

Brandy is vulnerable to an out-of-bounds write. This is caused by the fileioopenout function in fileio.c receiving a malicious string via crafted BASIC source code...

IBM Maximo Anywhere Encryption Issue Vulnerability

IBM Maximo Anywhere is a next-generation mobile solution from IBM built on the IBM Worklight platform. An encryption vulnerability exists in IBM Maximo Anywhere, which stems from the product's failure to effectively protect program source code. An attacker could obfuscate the source code through...

Cosmetics And Beauty Product Online Store 1.0 Cross Site Scripting

Title: Cosmetics and Beauty Product Online Store v1.0 remote Multiple XSS-Reflected Author: nu11secur1ty Date: 02.18.2022 Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15181/cosmetics-and-beauty-product-online-store-phpoop-free-source-code.html...

admin can rug pull

Lines of code Vulnerability details In the links I provided, the admin can steal all user funds. this can cause reputation risk. --- The text was updated successfully, but these errors were encountered: All reactions...

CVE-2019-4352

IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. IBM X-Force ID: 161494...

CVE-2019-4352

IBM Maximo Anywhere 7.6.4.0 applications could allow obfuscation of the application source code. IBM X-Force ID: 161494...