398 matches found
EUVD-2021-20514
Malware in sbrugna...
EUVD-2022-52322
Malicious code in bioql PyPI...
CVE-2025-8926
A vulnerability was found in SourceCodester COVID 19 Testing Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit has been...
CVE-2024-53603
A SQL Injection vulnerability was found in /covid-tms/password-recovery.php in PHPGurukul COVID 19 Testing Management System v1.0, which allows remote attackers to execute arbitrary code via the contactno POST request parameter...
CVE-2024-53635
CVE-2024-53635 is a reported reflected Cross-Site Scripting (XSS) vulnerability in PHPGurukul COVID 19 Testing Management System v1.0. The flaw resides in the /covid-tms/patient-search-report.php endpoint and is exploitable via the POST parameter searchdata, enabling remote attackers to execute...
Covid-19 Directory On Vaccination System 1.0 Insecure Settings
Title: Covid-19 Directory on Vaccination System v1.0 Insecure Settings Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla...
CVE-2024-34429 WordPress Simple Website Banner plugin <= 1.8.0.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Orchestrated Corona Virus COVID-19 Banner & Live Data allows Stored XSS. This issue affects Corona Virus COVID-19 Banner & Live Data: from n/a through 1.8.0.2...
Hackers Leak COVID-19 Data of 820K Dominicans, Including Vaccination Info
By Deeba Ahmed A massive data leak of 820,000 Dominicans' personal information including COVID vaccination status has been leaked online putting individuals at risk of identity theft, scams, and social engineering attacks. This is a post from HackRead.com Read the original post: Hackers Leak...
CVE-2024-2028 Exclusive Addons for Elementor <= 2.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Covid-19 Stats Widget
The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Covid-19 Stats Widget in all versions up to, and including, 2.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
Exclusive Addons for Elementor < 2.6.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Covid-19 Stats Widget
Description The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Covid-19 Stats Widget in all versions up to, and including, 2.6.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers...
TikTok’s latest actions to combat misinformation shows it’s not just a U.S. problem
When we talk about the term "fake news," most people likely picture a certain person who made the term infamous. And when we talk about misinformation and disinformation, many will remember the "Russian troll farms" that popped up during the 2016 U.S. presidential election and were unmasked and...
Scammers Are Tricking Anti-Vaxxers Into Buying Bogus Medical Documents
On Telegram, scammers are impersonating doctors to sell fake Covid-19 vaccination certificates and other products, showing how criminals are taking advantage of conspiracy theories...
China-Linked Hackers Strike Worldwide: 17 Nations Hit in 3-Year Cyber Campaign
Hackers associated with China's Ministry of State Security MSS have been linked to attacks in 17 different countries in Asia, Europe, and North America from 2021 to 2023. Cybersecurity firm Recorded Future attributed the intrusion set to a nation-state group it tracks under the name RedHotel...
CVE-2023-2677
A vulnerability, which was classified as critical, was found in SourceCodester Covid-19 Contact Tracing System 1.0. This affects an unknown part of the file admin/establishment/manage.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely...
Sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Covid-19 Contact Tracing System 1.0. This affects an unknown part of the file admin/establishment/manage.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely...
CVE-2023-2677
CVE-2023-2677 affects SourceCodester Covid-19 Contact Tracing System 1.0, with a SQL injection in admin/establishment/manage.php caused by manipulation of the id parameter. It is remotely exploitable and has public disclosure. In connected sources, remediation guidance for this version suggests r...
CVE-2023-2677 SourceCodester Covid-19 Contact Tracing System manage.php sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Covid-19 Contact Tracing System 1.0. This affects an unknown part of the file admin/establishment/manage.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely...
MilleGPG5 5.9.2 (Gennaio 2023) - Local Privilege Escalation / Incorrect Access Control
Exploit Title: MilleGPG5 5.9.2 Gennaio 2023 - Local Privilege Escalation / Incorrect Access Control Date: 2023-04-28 Exploit Author: Andrea Intilangelo Vendor Homepage: https://millegpg.it/ Software Homepage: https://millegpg.it - https://millewin.it/prodotti/governo-clinico-3/ Software Link:...
Celebrating Women’s History Month at Rapid7
Each March, we reflect on the historical accomplishments and ongoing need to support women. This, of course, should be embraced all 12 months of the year, but Women’s History Month gives us a special opportunity to learn from, celebrate, and amplify the voices of women. At Rapid7, we’re shining a...
S4x23 Review Part 3: Healthcare Cybersecurity Sessions
This article focuses on the healthcare sector. Over the past two years, the healthcare sector has been in a constant state of emergency due to the COVID-19 pandemic, and as widely reported in the media, it has also been threatened by cyberattacks such as ransomware...