Lucene search
K

367 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 9:6 p.m.7 views

CVE-2021-42664

A Stored Cross Site Scripting XSS Vulneraibiilty exists in Sourcecodester Engineers Online Portal in PHP via the 1 Quiz title and 2 quiz description parameters to addquiz.php. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which c...

5.4CVSS5.9AI score0.01647EPSS
Exploits6
RedhatCVE
RedhatCVE
added 2025/05/22 9:6 p.m.7 views

CVE-2021-42671

An incorrect access control vulnerability exists in Sourcecodester Engineers Online Portal in PHP in niamunozmonitoringsystem/admin/uploads. An attacker can leverage this vulnerability in order to bypass access controls and access all the files uploaded to the web server without the need of...

7.5CVSS7.1AI score0.19676EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/05/22 9:5 p.m.8 views

CVE-2021-42669

A file upload vulnerability exists in Sourcecodester Engineers Online Portal in PHP via dashboardteacher.php, which allows changing the avatar through teacheravatar.php. Once an avatar gets uploaded it is getting uploaded to the /admin/uploads/ directory, and is accessible by all users. By...

10CVSS7.2AI score0.2327EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2025/05/22 6:49 p.m.5 views

CVE-2021-42665

An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the login form inside of index.php, which can allow an attacker to bypass authentication...

9.8CVSS8.1AI score0.0487EPSS
Exploits3
Microsoft Secure
Microsoft Secure
added 2025/04/24 4:0 p.m.18 views

New whitepaper outlines the taxonomy of failure modes in AI agents

We are releasing a taxonomy of failure modes in AI agents to help security professionals and machine learning engineers think through how AI systems can fail and design them with safety and security in mind. The taxonomy continues Microsoft AI Red Team's work to lead the creation of systematizati...

7.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/02/04 10:13 p.m.8 views

CVE-2024-35244

There are several hidden accounts. Some of them are intended for maintenance engineers, and with the knowledge of their passwords e.g., by examining the coredump, these accounts can be used to re-configure the device. As for the details of affected product names, model numbers, and versions, refe...

9.1CVSS6.7AI score0.01088EPSS
Exploits1References1
Trend Micro Simply Security
Trend Micro Simply Security
added 2025/01/13 12:0 a.m.4 views

World Tour Survey: Cloud Engineers Wrestle with Risk

Trend surveyed 750 cybersecurity professionals in 49 countries to learn more about the state of cybersecurity, from job pressures to the need for more advanced tools. Explore what cloud security engineers teams had to say...

7.3AI score
Exploits0
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.3 views

PT-2025-20833

Name of the Vulnerable Software and Affected Versions: GNUScreen version 5.0.1 and earlier Description: The issue affects Linux administrators, cloud engineers, and developers. It is related to a root privilege escalation flaw. Recommendations: For versions prior to 5.0.1, update to version 5.0.1...

6.5CVSS6.3AI score0.0054EPSS
Exploits3References32
The Hacker News
The Hacker News
added 2024/12/20 10:44 a.m.3 views

Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware

The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea DPRK, has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in January 2024. The...

7.2AI score
Exploits0
NVD
NVD
added 2024/11/26 8:15 a.m.13 views

CVE-2024-35244

There are several hidden accounts. Some of them are intended for maintenance engineers, and with the knowledge of their passwords e.g., by examining the coredump, these accounts can be used to re-configure the device. As for the details of affected product names, model numbers, and versions, refe...

9.1CVSS0.01088EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2024/11/26 7:38 a.m.11 views

CVE-2024-35244

There are several hidden accounts. Some of them are intended for maintenance engineers, and with the knowledge of their passwords e.g., by examining the coredump, these accounts can be used to re-configure the device. As for the details of affected product names, model numbers, and versions, refe...

9.1CVSS9.2AI score0.01088EPSS
Exploits1References6
Cvelist
Cvelist
added 2024/11/26 7:38 a.m.29 views

CVE-2024-35244

There are several hidden accounts. Some of them are intended for maintenance engineers, and with the knowledge of their passwords e.g., by examining the coredump, these accounts can be used to re-configure the device. As for the details of affected product names, model numbers, and versions, refe...

9.1CVSS0.01088EPSS
Exploits1References6
CVE
CVE
added 2024/11/26 7:38 a.m.59 views

CVE-2024-35244

Sharp MFPs (Sharp Multifunction Printers) are affected by CVE-2024-35244 due to trust‑management issues that allow use of hard‑coded or easily obtainable credentials via maintenance accounts. Affected functionality can be abused to re‑configure devices, with risk to confidentiality and integrity ...

9.1CVSS6.7AI score0.01088EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/11/26 12:0 a.m.4 views

PT-2024-26405 · Sharp +1 · Multiple Mfps

Name of the Vulnerable Software and Affected Versions: No specific product names, model numbers, or versions are mentioned in the provided descriptions. Description: There are several hidden accounts, some of which are intended for maintenance engineers. With knowledge of their passwords, these...

9.1CVSS6.9AI score0.01088EPSS
Exploits1References10
GithubExploit
GithubExploit
added 2024/11/19 10:7 a.m.559 views

Exploit for Missing Authentication for Critical Function in Really-Simple-Plugins Really_Simple_Security

wordpress-really-simple-security-authn-bypass-exploit This is...

9.8CVSS7.1AI score0.81722EPSS
Exploits21
CVE
CVE
added 2024/10/09 6:25 p.m.64 views

CVE-2024-47833

Taipy (Python library) is affected by a vulnerability where session cookies are served without Secure and HTTPOnly flags in affected versions prior to 4.0.0. The issue is documented across multiple sources (CVE record, Red Hat, OSV, GitHub GHSA advisory) and is explicitly addressed in release 4.0...

6.5CVSS6.4AI score0.00246EPSS
Exploits1References1Affected Software1
HackRead
HackRead
added 2024/08/22 11:12 a.m.11 views

Transform Your CAD Workflow with Parametric Modeling

Designers and engineers are always searching for tools to speed up their work and create more complex designs.…...

7.3AI score
Exploits0
OSV
OSV
added 2024/07/16 10:56 p.m.10 views

CVE-2024-40637 Implicit override for built-in materializations from installed packages in dbt-core

dbt enables data analysts and engineers to transform their data using the same practices that software engineers use to build applications. When a user installs a package in dbt, it has the ability to override macros, materializations, and other core components of dbt. This is by design, as it...

4.2CVSS6.5AI score0.00372EPSS
Exploits1References10
SUSE CVE
SUSE CVE
added 2024/07/09 4:1 a.m.4 views

SUSE CVE-2023-5281

A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified as critical. This affects an unknown part of the file removeinboxmessage.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

9.8CVSS7.2AI score0.0069EPSS
Exploits1References5
Kitploit
Kitploit
added 2024/05/31 12:30 p.m.76 views

Ars0N-Framework - A Modern Framework For Bug Bounty Hunting

Howdy! My name is Harrison Richardson, or rs0n arson when I want to feel cooler than I really am. The code in this repository started as a small collection of scripts to help automate many of the common Bug Bounty hunting processes I found myself repeating. Over time, I built a simple web...

7AI score
Exploits0References4
Rows per page
Query Builder