Lucene search
+L

28 matches found

NVD
NVD
added 2026/06/29 3:16 a.m.11 views

CVE-2026-13525

A vulnerability was detected in CodeAstro Human Resource Management System 1.0. This issue affects the function emselectByCode of the file application/models/Employeemodel.php of the component UpdateEarnLeave Endpoint. The manipulation of the argument emid results in sql injection. The attack can...

6.5CVSS0.002EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/29 2:0 a.m.35 views

CVE-2026-13525 CodeAstro Human Resource Management System Update_Earn_Leave Endpoint Employee_model.php emselectByCode sql injection

A vulnerability was detected in CodeAstro Human Resource Management System 1.0. This issue affects the function emselectByCode of the file application/models/Employeemodel.php of the component UpdateEarnLeave Endpoint. The manipulation of the argument emid results in sql injection. The attack can...

6.5CVSS0.002EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 2:0 a.m.21 views

CVE-2026-13525

CodeAstro Human Resource Management System 1.0 contains a SQL injection in Update_Earn_Leave Endpoint, specifically in Employee_model.php emselectByCode via the emid parameter. The vulnerability arises from unsanitized input leading to SQL injection, enabling remote exploitation. Public exploit a...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/29 2:0 a.m.9 views

CVE-2026-13525

A vulnerability was detected in CodeAstro Human Resource Management System 1.0. This issue affects the function emselectByCode of the file application/models/Employeemodel.php of the component UpdateEarnLeave Endpoint. The manipulation of the argument emid results in sql injection. The attack can...

6.5CVSS6.5AI score0.002EPSS
Exploits0References6Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 3:9 p.m.14 views

Malicious code in hemi-earn-actions (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a9c2a72c75e835bc78738de0839bd4727df93d6bcb8aed2215289973996c4f3c On npm install, the package's preinstall script postinstall.js collects host metadata hostname, username, cwd, npm config and iterates process.env,...

5.3AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/01 5:0 a.m.4 views

CVE-2026-30285

An arbitrary file overwrite vulnerability in Zora: Post, Trade, Earn Crypto v2.60.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

9.8CVSS6.4AI score0.00617EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/31 9:31 p.m.3 views

EUVD-2026-17595

An arbitrary file overwrite vulnerability in Zora: Post, Trade, Earn Crypto v2.60.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

6.4AI score0.00617EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/31 12:0 a.m.1 views

CVE-2026-30285

An arbitrary file overwrite vulnerability in Zora: Post, Trade, Earn Crypto v2.60.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

6.4AI score0.00617EPSS
Exploits1References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/09/05 5:10 p.m.4 views

Malicious code in hand-earn-nation (npm)

The package hand-earn-nation was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/09/05 5:10 p.m.2 views

MAL-2025-44536 Malicious code in hand-earn-nation (npm)

The package hand-earn-nation was found to contain malicious code...

7AI score
Exploits0
HackRead
HackRead
added 2023/04/12 7:14 p.m.17 views

OpenAI Launches ChatGPT Bug Bounty Program – Earn $200 to $20k

By Waqas Do you have the skills to take part in OpenAI's ChatGPT Bug Bounty Program? If so, here is your chance to earn big bucks. This is a post from HackRead.com Read the original post: OpenAI Launches ChatGPT Bug Bounty Program - Earn $200 to $20k...

6.6AI score
Exploits0
HackRead
HackRead
added 2022/09/29 12:16 p.m.8 views

What is Blockchain Gaming and its Play-to-Earn Model?

By Waqas The games industry boomed in lockdown and market value will reach $320 billion, and it is only natural that some of this money would flow into blockchain gaming companies. This is a post from HackRead.com Read the original post: What is Blockchain Gaming and its Play-to-Earn Model?...

2.6AI score
Exploits0
Code423n4
Code423n4
added 2022/04/20 12:0 a.m.8 views

One could get up to 20x more xCTDL tokens when deposit right after earn().

Lines of code Vulnerability details Impact When earn is called by authorized actors keeper or governance, 95% of the balance of CTDL token in the StakedCitadel contract will be transferred to strategy. Thus, the balance will be roughly only 5% of the totalSupply. At this juncture, if an attacker...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/04/20 12:0 a.m.7 views

earn can be called many times

Lines of code Vulnerability details earn can be called many times and each time more money will be transferred to the strategy, and the money in the strategy can be above the desired percentage of the money that should be in the strategy. --- The text was updated successfully, but these errors we...

6.9AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2022/02/12 2:0 p.m.14 views

The CIA Has Secretly Run a ‘Bulk Collection’ Program

Plus: Vulnerability fixes, the return of EARN IT, and more of the week’s top security news...

2.6AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/02/04 3:44 p.m.20 views

The EARN IT Act Is Back

Senators have reintroduced the EARN IT Act, requiring social media companies among others to administer a massive surveillance operation on their users: A group of lawmakers led by Sen. Richard Blumenthal D-CT and Sen. Lindsey Graham R-SC have re-introduced the EARN IT Act, an incredibly unpopula...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/09/12 12:0 a.m.15 views

earn results in decreasing share price

Handle jonah1005 Vulnerability details Impact For a dai vault that pairs with NativeStrategyCurve3Crv, every time earn is called, shareholders would lose money. about 2% There're two issues involved. The Vault contract and the controller contract doesn't handle the price difference between the wa...

6.8AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2020/07/04 1:0 p.m.17 views

Encryption-Busting EARN IT Act Advances in Senate

Plus: A massive crime bust in Europe, a warning from US Cyber Command, and more of the week's top security news...

1.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/05/22 3:0 p.m.96 views

Going dark: encryption and law enforcement

UPDATE, 05/22/2020: In the advent of the EARN IT Act, the debate on government subversion of encryption has reignited. Given that the material conditions of the technology have not changed, and the arguments given in favor of the bill are not novel, we've decided to republish the following blog...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2020/05/18 3:28 p.m.36 views

A week in security (May 11 – May 17)

Last week on Malwarebytes Labs, we explained why RevenueWire has to pay $6.7 million to settle FTC charges, how CVSS works: characterizing and scoring vulnerabilities, and we talked about how and why hackers hit a major law firm with Sodinokibi ransomware. We also launched another episode of our...

6.8AI score
Exploits0
Rows per page
Query Builder