28 matches found
CVE-2026-13525
A vulnerability was detected in CodeAstro Human Resource Management System 1.0. This issue affects the function emselectByCode of the file application/models/Employeemodel.php of the component UpdateEarnLeave Endpoint. The manipulation of the argument emid results in sql injection. The attack can...
CVE-2026-13525 CodeAstro Human Resource Management System Update_Earn_Leave Endpoint Employee_model.php emselectByCode sql injection
A vulnerability was detected in CodeAstro Human Resource Management System 1.0. This issue affects the function emselectByCode of the file application/models/Employeemodel.php of the component UpdateEarnLeave Endpoint. The manipulation of the argument emid results in sql injection. The attack can...
CVE-2026-13525
CodeAstro Human Resource Management System 1.0 contains a SQL injection in Update_Earn_Leave Endpoint, specifically in Employee_model.php emselectByCode via the emid parameter. The vulnerability arises from unsanitized input leading to SQL injection, enabling remote exploitation. Public exploit a...
CVE-2026-13525
A vulnerability was detected in CodeAstro Human Resource Management System 1.0. This issue affects the function emselectByCode of the file application/models/Employeemodel.php of the component UpdateEarnLeave Endpoint. The manipulation of the argument emid results in sql injection. The attack can...
Malicious code in hemi-earn-actions (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9c2a72c75e835bc78738de0839bd4727df93d6bcb8aed2215289973996c4f3c On npm install, the package's preinstall script postinstall.js collects host metadata hostname, username, cwd, npm config and iterates process.env,...
CVE-2026-30285
An arbitrary file overwrite vulnerability in Zora: Post, Trade, Earn Crypto v2.60.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
EUVD-2026-17595
An arbitrary file overwrite vulnerability in Zora: Post, Trade, Earn Crypto v2.60.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
CVE-2026-30285
An arbitrary file overwrite vulnerability in Zora: Post, Trade, Earn Crypto v2.60.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
Malicious code in hand-earn-nation (npm)
The package hand-earn-nation was found to contain malicious code...
MAL-2025-44536 Malicious code in hand-earn-nation (npm)
The package hand-earn-nation was found to contain malicious code...
OpenAI Launches ChatGPT Bug Bounty Program – Earn $200 to $20k
By Waqas Do you have the skills to take part in OpenAI's ChatGPT Bug Bounty Program? If so, here is your chance to earn big bucks. This is a post from HackRead.com Read the original post: OpenAI Launches ChatGPT Bug Bounty Program - Earn $200 to $20k...
What is Blockchain Gaming and its Play-to-Earn Model?
By Waqas The games industry boomed in lockdown and market value will reach $320 billion, and it is only natural that some of this money would flow into blockchain gaming companies. This is a post from HackRead.com Read the original post: What is Blockchain Gaming and its Play-to-Earn Model?...
One could get up to 20x more xCTDL tokens when deposit right after earn().
Lines of code Vulnerability details Impact When earn is called by authorized actors keeper or governance, 95% of the balance of CTDL token in the StakedCitadel contract will be transferred to strategy. Thus, the balance will be roughly only 5% of the totalSupply. At this juncture, if an attacker...
earn can be called many times
Lines of code Vulnerability details earn can be called many times and each time more money will be transferred to the strategy, and the money in the strategy can be above the desired percentage of the money that should be in the strategy. --- The text was updated successfully, but these errors we...
The CIA Has Secretly Run a ‘Bulk Collection’ Program
Plus: Vulnerability fixes, the return of EARN IT, and more of the week’s top security news...
The EARN IT Act Is Back
Senators have reintroduced the EARN IT Act, requiring social media companies among others to administer a massive surveillance operation on their users: A group of lawmakers led by Sen. Richard Blumenthal D-CT and Sen. Lindsey Graham R-SC have re-introduced the EARN IT Act, an incredibly unpopula...
earn results in decreasing share price
Handle jonah1005 Vulnerability details Impact For a dai vault that pairs with NativeStrategyCurve3Crv, every time earn is called, shareholders would lose money. about 2% There're two issues involved. The Vault contract and the controller contract doesn't handle the price difference between the wa...
Encryption-Busting EARN IT Act Advances in Senate
Plus: A massive crime bust in Europe, a warning from US Cyber Command, and more of the week's top security news...
Going dark: encryption and law enforcement
UPDATE, 05/22/2020: In the advent of the EARN IT Act, the debate on government subversion of encryption has reignited. Given that the material conditions of the technology have not changed, and the arguments given in favor of the bill are not novel, we've decided to republish the following blog...
A week in security (May 11 – May 17)
Last week on Malwarebytes Labs, we explained why RevenueWire has to pay $6.7 million to settle FTC charges, how CVSS works: characterizing and scoring vulnerabilities, and we talked about how and why hackers hit a major law firm with Sodinokibi ransomware. We also launched another episode of our...