CVE-2022-1076

CVE-2022-1076 affects the Automatic Question Paper Generator System 1.0. The vulnerable component is the file /aqpg/users/login.php, where manipulation of the First Name/Middle Name/Last Name parameters leads to a cross-site scripting (XSS) vulnerability. The vulnerability is described as exploit...

CVE-2022-1073 Automatic Question Paper Generator password recovery

A vulnerability was found in Automatic Question Paper Generator 1.0. It has been declared as critical. An attack leads to privilege escalation. The attack can be launched remotely...

CVE-2022-1073

The CVE-2022-1073 issue affects Automatic Question Paper Generator 1.0. It is described as allowing remote privilege escalation. Documents provide CVSS v3.1/2.0 scores (CRITICAL/high), attack vector NETWORK with low complexity and no authentication required, but the exact root cause, vulnerable c...

ResearchGate Automatic Question Paper Generator System授权问题漏洞

ResearchGate Automatic Question Paper Generator System is an automatic question paper generator system from German company ResearchGate. Automatic Question Paper Generator 1.0 has a security vulnerability that can be exploited by remote attackers to escalate privileges...

Automatically launch the downloaded .ica files when using Chrome browser

When you try to launch a published application or desktop from a browser by browsing to storefront or gateway URL, an".ica"file is downloaded. You need to click the .ica file to launch the session instead of auto launch...

Mip22 - An Advanced Phishing Tool

The program is made for educational purposes only for to see how the phishing method works. Any unnecessary use of the program is prohibited and the manufacturer has no responsibility for any illegal use by anyone. Use the tool at your own risk and avoid any sloppy actions. Installation...

Exploit for Improper Initialization in Linux Linux_Kernel

Dirty Pipe automatic root exploit CVE-2022-0847 !eaeasse...

Vulnerability fixed in F-Secure products

A vulnerability has been fixed in the F-Secure Support tool, which is is used in Business Suite and consumer products. A authenticated malicious person could potentially exploit it to execute arbitrary code under higher privileges. F-Secure has made available an update that fixes the described...

Microsoft Teams help & learning

None Microsoft Teams help & learning Meetings Chat Notifications & settings Teams & channels Calls & devices Files Troubleshoot New to Microsoft Teams? Learn all about Teams' essential features here.MeetingsChatNotificationsTeamsChannelsCalls Meet Microsoft 365 Copilot Copilot works alongside you...

[WP-H3] S2S Transfer from the origin schain to another schain with automatic deploy disabled can cause funds to be frozen

Lines of code Vulnerability details When moving tokens that are native on the origin schain, to another schain, TokenManagerERC20.soltransferToSchainERC20 will be called, which calls exit - receiveERC20: if isMainChainToken data = receiveERC20 chainHash, addresscontractOnSchain, msg.sender, amoun...

WordPress Automatic YouTube Gallery plugin < 1.6.5 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Automatic YouTube Gallery plugin versions 1.6.5. Solution Update the WordPress Automatic YouTube Gallery plugin to the latest available version at least 1.6.5...

WordPress Automatic YouTube Gallery plugin < 1.6.5 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Automatic YouTube Gallery plugin versions 1.6.5. Solution Update the WordPress Automatic YouTube Gallery plugin to the latest available version at least 1.6.5...

WordPress Automatic Post Categories plugin <= 1.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Automatic Post Categories plugin versions = 1.0. Solution No patched version available...

WordPress WP Sessions Time Monitoring Full Automatic plugin <= 1.0.5 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress WP Sessions Time Monitoring Full Automatic plugin versions = 1.0.5. Solution Update the WordPress WP Sessions Time Monitoring Full Automatic plugin to the latest available version at least 1.0.6...

WordPress Tranzly: Automatic Translation plugin <= 1.0.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Tranzly: Automatic Translation plugin versions = 1.0.2. Solution Update the WordPress Tranzly: Automatic Translation plugin to the latest available version at least 1.1.0...

WordPress Tranzly: Automatic Translation plugin <= 1.0.2 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Tranzly: Automatic Translation plugin versions = 1.0.2. Solution Update the WordPress Tranzly: Automatic Translation plugin to the latest available version at least 1.1.0...

WordPress Automatic Post Categories plugin <= 1.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Automatic Post Categories plugin versions = 1.0. Solution No patched version available...

openSquat - Detection Of Phishing Domains And Domain Squatting. Supports Permutations Such As Homograph Attack, Typosquatting And Bitsquatting

What is openSquat openSquat is an opensource Intelligence OSINT security tool to identify cyber squatting threats to specific companies or domains, such as: Phishing campaigns Domain squatting Typo squatting Bitsquatting IDN homograph attacks Doppenganger domains Other brand/domain related scams ...

‘Cities: Skylines’ Gaming Modder Banned Over Hidden Malware

The developer of several popular mods for the Cities: Skylines city-building game has been banned after malware was discovered hidden in their wares. The modder, who goes by the handle Chaos as well as Holy Water, reportedly tucked an automatic updater into several mods that enabled the author to...

Mozilla: Extensions could have bypassed permission confirmation during update

A flaw was found in Mozilla. The Mozilla Foundation Security Advisory describes this flaw as: If a user installed a particular type of extension, the extension could have auto-updated itself, and while doing so may have bypassed the prompt which grants the new version the new requested permission...