Lucene search
K

60 matches found

CNNVD
CNNVD
added 2024/11/16 12:0 a.m.4 views

WordPress plugin SVG Case Study 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in WordPress...

6.4CVSS7.4AI score0.00332EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/11/15 9:37 p.m.6 views

WordPress SVG Case Study plugin <= 1.0 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin SVG Case Study versions = 1.0...

6.4CVSS5.7AI score0.00332EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/11/15 12:0 a.m.12 views

WordPress SVG Case Study Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software SVG Case Study Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9850 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 170c145ba154 Credits Francesco Carlucci Required...

6.4CVSS6AI score0.00332EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2024/11/15 12:0 a.m.5 views

PT-2024-39887 · WordPress · Svg Case Study

Name of the Vulnerable Software and Affected Versions: SVG Case Study plugin for WordPress versions up to, and including, 1.0 Description: The issue is related to Stored Cross-Site Scripting via SVG File uploads due to insufficient input sanitization and output escaping. This allows authenticated...

6.4CVSS7.8AI score0.00332EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2024/11/14 10:30 a.m.5 views

TikTok Pixel Privacy Nightmare: A New Case Study

Advertising on TikTok is the obvious choice for any company trying to reach a young market, and especially so if it happens to be a travel company, with 44% of American Gen Zs saying they use the platform to plan their vacations. But one online travel marketplace targeting young holidaymakers wit...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/07/15 8:1 a.m.14 views

A week in security (July 8 &#8211; July 14)

Last week on Malwarebytes Labs: "Nearly all" AT&T customers had phone records stolen in new data breach disclosure Fake Microsoft Teams for Mac delivers Atomic Stealer Dangerous monitoring tool mSpy suffers data breach, exposes customer details iPhone users in 98 countries warned about spyware by...

7.1AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/03/27 12:0 a.m.24 views

Earth Preta’s Cyberespionage Campaign Hits Over 200

We present a case study of the cyberespionage efforts by Earth Preta. This study on an active campaign delves into the structure, goals, and requirements of the organizations involved, and provides an opportunity to conduct wider intelligence analysis and insights in the development of effective...

6.7AI score
Exploits0
Trend Micro Simply Security
Trend Micro Simply Security
added 2023/03/02 12:0 a.m.14 views

Leveraging Data Science to Minimize the Blast Radius of Ransomware Attacks

In this blog entry, we present a case study that illustrates how data-science techniques can be used to gain valuable insights about ransomware groups' targeting patterns as detailed in our research paper, “What Decision-Makers Need to Know About Ransomware Risk.”...

1.6AI score
Exploits0
Imperva Blog
Imperva Blog
added 2022/08/30 1:23 p.m.19 views

How to Support Agile Development Through Cybersecurity Best Practices

Understanding other peoples problems It’s often said that people only notice cybersecurity when it fails, or when it gets in the way of them doing their jobs. Organizations, and especially software development teams, want to be able to develop quickly and easily to stay ahead of their competition...

0.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2021/08/30 11:24 a.m.11 views

Excellent Write-up of the SolarWinds Security Breach

Robert Chesney wrote up the Solar Winds story as a case study, and its a really good summary...

1.8AI score
Exploits0
Kitploit
Kitploit
added 2021/03/13 11:30 a.m.137 views

Gitls - Enumerate Git Repository URL From List Of URL / User / Org

Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline This tool is available when the repository, such as github, is included in the bugbounty scope. Sometimes specified as an org name or user name rather than a specific repository, you can use this tool to extract url...

7.4AI score
Exploits0References3
Kitploit
Kitploit
added 2020/11/22 8:30 p.m.40 views

Amlsec - Automated Security Risk Identification Using AutomationML-based Engineering Data

This prototype identifies security risk sources i.e., threats and vulnerabilities and types of attack consequences based on AutomationML AML artifacts. The results of the risk identification process can be used to generate cyber-physical attack graphs, which model multistage cyber attacks that...

6.8AI score
Exploits0References7
Kitploit
Kitploit
added 2018/08/31 12:49 p.m.101 views

Rosenbridge - Hardware Backdoors In Some X86 CPUs

project:rosenbridge reveals a hardware backdoor in some desktop, laptop, and embedded x86 processors. The backdoor allows ring 3 userland code to circumvent processor protections to freely read and write ring 0 kernel data. While the backdoor is typically disabled requiring ring 0 execution to...

7.5AI score
Exploits0References2
Trend Micro Simply Security
Trend Micro Simply Security
added 2018/04/25 2:48 p.m.36 views

Customer data & marketing operations: Keeping your data safe on the journey to GDPR compliance

Emails. Web forms. Events. Oh my! These marketing tactics are all designed to gather, store, and evolve relationships with your prospects, customers, and partners. Often times, they are the first point of contact for your organization from the outside world—and they all feed into your marketing...

1.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2018/02/28 4:0 p.m.73 views

Encryption 101: ShiOne ransomware case study

In part one of this series, Encryption 101: a malware analyst's primer, we introduced some of the basic encryption concepts used in malware. If you haven't read it, we suggest going back for a review, as it's necessary in order to be able to fully follow part two, our case study. In this study, w...

6.8AI score
Exploits0
Citrix
Citrix
added 2018/02/07 12:0 a.m.7 views

NAT with SD-WAN explained with Case study

Assistance required with NAT configuration...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2015/09/03 10:54 p.m.10 views

Caution! Hackers Can Easily Hijack Popular Baby Monitors to Watch Your Kids

Several video baby monitors from six different manufacturers were under scrutiny for in-depth security testing, and the outcome was negative. Yes, they lacked in serving basic security through their devices. At the High Technology Crime Investigation Association HTCIA conference on September 2,...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2009/04/14 12:0 a.m.21 views

ftpdmin 0.96 RNFR Remote Buffer Overflow Exploit (xp sp3/case study)

No description provided by source. ?php / ftpdmin v. 0.96 RNFR remote buffer overflow exploit xp sp3 / case study by Nine:Situations:Group::surfista software site: http://www.sentex.net/mwandel/ftpdmin/ our site: http://retrogod.altervista.org/ bug found by rgod in 2006, RNFR sequences can trigge...

7.1AI score
Exploits0
0day.today
0day.today
added 2009/04/13 12:0 a.m.23 views

ftpdmin 0.96 RNFR Remote Buffer Overflow Exploit (xp sp3/case study)

Exploit for windows platform in category remote exploits ==================================================================== ftpdmin 0.96 RNFR Remote Buffer Overflow Exploit xp sp3/case study ==================================================================== ".$cmd."\n";...

7.1AI score
Exploits0
myhack58
myhack58
added 2006/02/15 12:0 a.m.18 views

Social engineering analysis, and network phishing attacks case study-vulnerability warning-the black bar safety net

Recent fishing information, Put a point out for everyone to see. In fact it is not anything new, mainly want everyone to understand what is social engineering what is phishing, the relationship between them is what will lead to the question of what to appear. Because is belongs to the presentatio...

1.1AI score
Exploits0
Rows per page
Query Builder