27 matches found
EUVD-2009-1623
Malware in sbrugna...
EUVD-2024-55022
Malicious code in bioql PyPI...
CVE-2009-1628
Stack-based buffer overflow in mnet.exe in Unisys Business Information Server BIS 10 and 10.1 on Windows allows remote attackers to execute arbitrary code via a crafted TCP packet...
CVE-2024-20695 Skype for Business Information Disclosure Vulnerability
...
Microsoft SharePoint Server Remote Code Execution Vulnerability (CNVD-2023-72195)
Microsoft SharePoint Server is an enterprise business collaboration platform from Microsoft. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. A remote code...
Odoo Access Control Issue Vulnerability
Odoo is an Enterprise Resource Planning ERP and Customer Relationship Management CRM system from Odoo Belgium. The system is developed in Python language, PostgreSQL as the database, and includes modules for sales management, inventory management, financial management and so on. An access control...
Microsoft SharePoint Server Remote Code Execution Vulnerability (CNVD-2022-89421)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft Corporation USA. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information.A remo...
CVE-2022-30628 Supersmart.me – Walk Through access to business information without authentication
It was possible to download all receipts without authentication. Must first access the API https://XXXX.supersmart.me/services/v4/customer/signin to get a TOKEN. Then you can then access the API that provides invoice images based on the URL...
Supersmart 安全漏洞
Supersmart is an artificially intelligent automated checkout for brick-and-mortar retail by Israel's Supersmart. Supersmart has a security vulnerability that stems from accessing business information without authentication...
Microsoft SharePoint Server Remote Code Execution Vulnerability (CNVD-2022-22712)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft Corporation USA. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information. remot...
Microsoft SharePoint Server Remote Code Execution Vulnerability (CNVD-2021-101710)
Microsoft SharePoint is an enterprise business collaboration platform from Microsoft Corporation USA. The platform is used to consolidate business information and enable sharing of work, collaborating with others, organizing projects and workgroups, and searching for people and information.A remo...
#LetsTalkSecurity: Transformational Security
Let's Talk Security: Season 02 // Episode 01: Host, Rik Ferguson, interviews Business Information Security Officer from S Global Ratings, Alyssa Miller. Together they discuss transformational security...
Business email compromise campaign targets wide range of orgs with gift card scam
Cybercriminals continue to target businesses to trick recipients into approving payments, transferring funds, or, in this case, purchasing gift cards. This kind of email attack is called business email compromise BEC—a damaging form of phishing designed to gain access to critical business...
Acronis: IDOR on www.acronis.com API lead to steal private business user information
Summary Hi acronis team, i found an endpoint : www.acronis.com/en-us/api/v1/lead/id:929-HVV-335&token:mch-acronis.com- that is vulnerable to IDOR. with this vulnerability an attacker can steal private info such as company name, user name and surname, telephone number etc... Steps To Reproduce 1...
SAP Business Information Warehouse SQL Injection Vulnerability
SAP Business Information Warehouse SAP BW is a data warehouse for collecting and tabulating information in an enterprise environment from SAP Germany. The software is an enterprise-wide information center for data analysis from R / 3 and other business applications, including databases and extern...
SAP Business Information Warehouse SQL Injection Vulnerability
SAP Business Information Warehouse SAP BW is a data warehouse for collecting and tabulating information in an enterprise environment from SAP Germany. The software is an enterprise-wide information center for data analysis from R / 3 and other business applications, including databases and extern...
An Email Marketing Company Left 809 Million Records Exposed Online
A exposed database belonging to Verifications.io contained both personal and business information, including 763 million unique email addresses...
Yelp: ClickJacking in editing business name
SUMMARY: Hope you guys are doing great. I found clickjacking vulnerability while updating business page.One of the endpoints which is vulnerable to clickjacking is https://www.yelp.com/bizattribute?bizid=RIyHYSf3lyJcFb4El9T4tQ . Clickjacking User Interface redress attack, UI redress attack, UI...
South Korea Signs Up to Cyber Theft Pledge
On Friday the Obama administration secured its second win toward establishing a new norm in cyberspace. The Joint Fact Sheet published by the White House includes the following language: "no country should conduct or knowingly support cyber-enabled theft of intellectual property, trade secrets, o...
Unisys Business Information Server Stack Buffer Overflow (CVE-2009-1628)
The Unisys Business Information Server is a business information management solution that provides data access, analysis and reporting in an open, enterprise-wide computing environment. Business Information Server transforms corporate data into information that is made available throughout the...