EUVD-2020-25250

Malware in sbrugna...

CVE-2022-47436

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in MantraBrain Yatra allows Stored XSS.This issue affects Yatra: from n/a through 2.1.14...

Utilities ‘Concerningly’ at Risk from Active Exploits

The amount of time that utility networks spend exposed to a known application exploit has spiked over the past two months — something analysts called out as a “concerning datapoint,” and an important reminder that ransomware isn’t the only threat utility networks need to secure against. A new...

Command Execution Vulnerability in HDCMS v2.0

HDCMS is a content management system software package developed in PHP+Mysql. It provides customers with powerful and complete functionality to accomplish rapid website development. A command execution vulnerability exists in HDCMS v2.0, which can be exploited by an attacker to gain control of a...

FreeIPA 2.213 Session Hijacking

Description An attacker can hijack the session to unlock the users when they has been locked with his last sesiA3n. ===================================================================== Session hijacking This type of attack involves an adversary that exploits weaknesses in an application's use of...