Simple Employee Records System 1.0 - File Upload RCE (Unauthenticated) Exploit

Exploit Title: Simple Employee Records System 1.0 - File Upload RCE Unauthenticated Exploit Author: email protected Vendor Homepage: https://www.sourcecodester.com/php/11393/employee-records-system.html Software Link:...

Doctor Appointment System 1.0 Cross Site Scripting Vulnerability

Exploit Title: Doctor Appointment System 1.0 - Reflected POST based Cross Site Scripting XSS in comment parameter CVE: CVE-2021-27317 Exploit Author: Soham Bakore Vendor Homepage: https://www.sourcecodester.com/php/14182/doctor-appointment-system.html Software Link:...

Microsoft open sources CodeQL queries used to hunt for Solorigate activity

A key aspect of the Solorigate attack is the supply chain compromise that allowed the attacker to modify binaries in SolarWinds’ Orion product. These modified binaries were distributed via previously legitimate update channels and allowed the attacker to remotely perform malicious activities, suc...

Vehicle Parking Management System 1.0 - (catename) Persistent Cross-Site Scripting Vulnerability

Exploit Title: Vehicle Parking Management System 1.0 - 'catename' Persistent Cross-Site Scripting XSS Exploit Author: Tushar Vaidya Vendor Homepage: https://www.sourcecodester.com/php/14415/vehicle-parking-management-system-project-phpmysql-full-source-code.html Software Link:...

eChat 1.0 SQL Injection

Exploit Title: eChat | Time-Based Blind SQL Injection Exploit Author: [email protected] Date: 2021-02-21 Vendor Homepage: https://www.sourcecodester.com/php/10498/echat-simple-chat-system-app-using-phpmysql.html Software Link:...

SolarWinds hackers accessed source code of Azure, Exchange, Intune

By Deeba Ahmed The US has blamed Russia for attacks carried out by SolarWinds hackers. Here's what Microsoft has revealed about the recent development. This is a post from HackRead.com Read the original post: SolarWinds hackers accessed source code of Azure, Exchange, Intune...

IBM Security Verify Information Queue Information Disclosure Vulnerability (CNVD-2021-11360)

IBM Security Verify Information Queue is a cross-product integrator that leverages Kafka technology and a publish/subscribe model to integrate data between IBM security products. An information disclosure vulnerability exists in IBM Security Verify Information Queue. An attacker could exploit thi...

Microsoft: SolarWinds Attackers Downloaded Azure, Exchange Code

Threat actors downloaded some Microsoft Exchange and Azure code repositories during the sprawling SolarWinds supply-chain attack but did not use the company’s internal systems or products to attack other victims. That’s the final verdict this week by the tech giant now that it’s completed a...

SolarWinds Hackers Stole Some Source Code for Microsoft Azure, Exchange, Intune

Microsoft on Thursday said it concluded its probe into the SolarWinds hack, finding that the attackers stole some source code but confirmed there's no evidence that they abused its internal systems to target other companies or gained access to production services or customer data. The disclosure...

SolarWinds Hackers Stole Some Source Code for Microsoft Azure, Exchange, Intune

Microsoft on Thursday said it concluded its probe into the SolarWinds hack, finding that the attackers stole some source code but confirmed there's no evidence that they abused its internal systems to target other companies or gained access to production services or customer data. The disclosure...

CVE-2021-20407

IBM Security Verify Information Queue 1.0.6 and 1.0.7 discloses sensitive information in source code that could be used in further attacks against the system. IBM X-Force ID: 196185...

CVE-2021-20407

IBM Security Verify Information Queue 1.0.6 and 1.0.7 discloses sensitive information in source code that could be used in further attacks against the system. IBM X-Force ID: 196185...

Code injection

IBM Security Verify Information Queue 1.0.6 and 1.0.7 discloses sensitive information in source code that could be used in further attacks against the system. IBM X-Force ID: 196185...

IBM Security Verify Information Queue 信息泄露漏洞

IBM Security Verify Information Queue is a cross-product integrator that leverages Kafka technology and a publish/subscribe model to integrate data between IBM security products. An information disclosure vulnerability exists in IBM Security Verify Information Queue. An attacker could exploit thi...

Cyberpunk 2077 Maker Was Hit With Ransomware—and Won't Pay Up

CD Projekt Red's list of woes gets longer, as hackers claim to have stolen the source code for their most popular games...

Buffer overflow

A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions V5.2, Nucleus ReadyStart V3 All...

CD Projekt ransomware attack – Cyberpunk 2077 source code allegedly stolen

By Waqas The Polish video game developer CD Projekt, known for games like Cyberpunk 2077, has fallen victim to a ransomware attack. This is a post from HackRead.com Read the original post: CD Projekt ransomware attack - Cyberpunk 2077 source code allegedly stolen...

Cyberpunk 2077 developer hit by ransomware

CD PROJEKT RED, the game developer behind Cyberpunk 2077, announced earlier on Twitter that it has fallen victim to a targeted ransomware attack. The company says it has backups for the affected systems and does not intend to pay the ransom. In their ransom note the attackers boast that they have...

Cyberpunk 2077 Publisher Hit with Hack, Ransomware

UPDATE CD Projekt Red, the videogame-development company behind Cyberpunk 2077 and the wildly popular Witcher series, has suffered a ransomware attack that could soon result in troves of company data being dumped online – including game source code. The Warsaw-based company tweeted out a notice o...

CVE-2020-28388

A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions V5.2, Nucleus ReadyStart V3 All...