14 matches found
EUVD-2024-22945
Malicious code in bioql PyPI...
CVE-2023-50712
Summary (CVE-2023-50712): Iris-web prior to v2.3.7 contains a stored XSS vulnerability across multiple locations. An attacker must be authenticated to exploit, and injected scripts could execute when a user visits affected areas, potentially enabling unauthorized access or data theft. The issue i...
Cross site scripting
Iris is a web collaborative platform aiming to help incident responders sharing technical details during investigations. A stored Cross-Site Scripting XSS vulnerability has been identified in iris-web, affecting multiple locations . The vulnerability in allows an attacker to inject malicious...
CVE-2023-30615
CVE-2023-30615 (iris-web) is a stored XSS vulnerability affecting iris-web before version 2.2.1. The issue allows an authenticated attacker to inject malicious scripts that run when users visit affected locations, with potential for unauthorized access and data theft. The patch is available in ir...
Cervantes - Collaborative Platform For Pentesters Or Red Teams Who Want To Save Time To Manage Their Projects, Clients, Vulnerabilities And Reports In One Place
Cervantes is an opensource collaborative platform for pentesters or red teams who want to save time to manage their projects, clients, vulnerabilities and reports in one place. Features OpenSource Multiplatform Multilanguage Team Collaboration BuiltIn dashbaords and analytics Manage your clients...
Weak Password Vulnerability in UCM Collaborative Communication Platform of Beijing Zhongchuang Vision Technology Co.
UCM Collaborative Communication Platform is a SIP communication control hardware device, which can realize traditional video conference system terminal registration, multi-party conference MCU, device management, firewall traversal and so on. There is a weak password vulnerability in the UCM...
Faraday v3.11 - Collaborative Penetration Test and Vulnerability Management Platform
This new release brings strong improvements to your security team’s daily performance , allowing them to operate quicker and smarter by increasing accessibility and stabilizing usual functionality. Major enhancements are focused on providing global visualization of findings , improvements on our...
Information leakage vulnerability in te***.aspx page of the collaborative office management platform of Quanta Technology Co.
Quanta Technology Co., Ltd. is a digital construction platform service provider that provides more than one hundred products/services based on "end+cloud+big data" and value-added services such as industrial big data and industrial new finance, with the core support of professional applications i...
See Orange Tsai how to use the four Bugs to achieve Amazon the collaborative platform of the RCE vulnerability-vulnerability warning-the black bar safety net
! Taiwan white cap Orange Tsai(Cai governance up invited to this session of the Black Hat USA and DEFCON 26 post subject speeches, in the Breaking Parser Logic! Take Your Path Normalization Off and Pop 0days Out of his speech, he shared how based on the“inconsistencies”in Security, Integrated the...
Faraday v2.4 - Collaborative Penetration Test and Vulnerability Management Platform
Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time...
Hackers Gamifies DDoS Attacks With Collaborative Platform
A Turkish hacking crew is luring participants to join its DDoS platform to compete with peers to earn redeemable points that are exchangeable for hacking tools and click-fraud software. The goal, security researchers say, is to “gamify” DDoS attacks in order to attract a critical mass of hackers...
Faraday v1.0.21 - Collaborative Penetration Test and Vulnerability Management Platform
Faraday is the Integrated Multiuser Risk Environment you were looking for! It maps and leverages all the knowledge you generate in real time, letting you track and understand your audits. Our dashboard for CISOs and managers uncovers the impact and risk being assessed by the audit in real-time...
SQL Injection Vulnerability in Panmicro Collaborative Business System
Panavision Collaborative Business System is a complete enterprise collaborative work platform. A SQL injection vulnerability exists in the full version of Panmicro Collaborative Business System, which allows attackers to exploit the vulnerability to obtain sensitive information from the database...
Startup CrowdStrike Launches Crowd-Sourced Platform for Malware Analysis
Venture funded startup CrowdStrike has launched a new platform that will allow security researchers to work collaboratively to reverse engineer and analyze malicious code. The new platform, CrowdRE, was designed to resemble conventional software version control systems, with features that allow...