Why PCI DSS 4.0 Should Be on Your Radar in 2023

Protecting customer data is critical for any business accepting online payment information. The Payment Card Industry Data Security Standard PCI DSS, created by leading credit card companies, establishes best practices for protecting consumers' information. By adhering to these standards,...

CVE-2022-27139

An arbitrary file upload vulnerability in the file upload module of Ghost v4.39.0 allows attackers to execute arbitrary code via a crafted SVG file. NOTE: Vendor states that as outlined in Ghost's security documentation, upload of SVGs is only possible by trusted authenticated users. The uploadin...

PHP-Nuke 6.0 - Web Mail Script Injection

source: https://www.securityfocus.com/bid/6400/info A vulnerability has been discovered in the PHP-Nuke web mail module. Due to insufficient sanitization of HTML emails it is possible for an attacker to embed script code into malicious messages. Opening an email containing attacker-supplied scrip...