ShinyHunters Claims Odido NL and Ben.nl Breach as Company Confirms Cyberattack

ShinyHunters claims 21 million records stolen in Odido NL and Ben.nl data breach as telecom company confirms cyberattack impacting customer contact system data...

PrestaShop cross-site scripting via customer contact form in FO, through file upload

Impact Only PrestaShops with customer-thread feature flag enabled are impacted, starting from PrestaShop 8.1.0. The impact is substantial, when the customer thread feature flag is enabled, through the front-office contact form, a hacker can upload a malicious file containing an XSS that will be...

GHSA-45VM-3J38-7P78 PrestaShop cross-site scripting via customer contact form in FO, through file upload

Impact Only PrestaShops with customer-thread feature flag enabled are impacted, starting from PrestaShop 8.1.0. The impact is substantial, when the customer thread feature flag is enabled, through the front-office contact form, a hacker can upload a malicious file containing an XSS that will be...

CVE-2024-34716 PrestaShop vulnerable to XSS via customer contact form in FO, through file upload

PrestaShop is an open source e-commerce web application. A cross-site scripting XSS vulnerability that only affects PrestaShops with customer-thread feature flag enabled is present starting from PrestaShop 8.1.0 and prior to PrestaShop 8.1.6. When the customer thread feature flag is enabled throu...

CVE-2024-34716 PrestaShop vulnerable to XSS via customer contact form in FO, through file upload

PrestaShop is an open source e-commerce web application. A cross-site scripting XSS vulnerability that only affects PrestaShops with customer-thread feature flag enabled is present starting from PrestaShop 8.1.0 and prior to PrestaShop 8.1.6. When the customer thread feature flag is enabled throu...

CVE-2022-27581

Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version v2.25 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher suites to be used for encryption via the SSH interface. The patch and installation procedure for the...

Leading Web Domain Name Registrars Disclose Data Breach

Another day, another massive data breach—this time affecting a leading web technology company, as well as both of its subsidiaries, from where millions of customers around the world have purchased domain names for their websites. The world's top domain registrars Web.com, Network Solutions, and...

Vulnerability found: The Adobe eBook Library

CONTACT INFORMATION =============================================================================== Name : Vladimir Katalov E-mail : [email protected] Phone / fax : +7 095 216-7937 +1 866 448-2703 fax; US, toll-free Affiliation and address: 2-171 generala Antonova st. Moscow 117279 Russia...