5 matches found
New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems
Cybersecurity researchers have developed a proof-of-concept PoC code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning ERP system to execute a memory-resident payload. The vulnerability in question is CVE-2023-51467 CVSS score: 9.8, a...
Rethinking Vulnerability Management in a Heightened Threat Landscape
Mariano Nunez, CEO, Onapsis Repeated warnings from CISA and the Biden Administration on the Russian cyber threat over the last several months have heightened the state of alertness for U.S. agencies and businesses across industries, which are expecting ‘tit-for-tat’ cyberattacks from Russia in...
My thoughts on the “2021 Gartner Market Guide for Vulnerability Assessment”. What about the quality?
The Gartner Vulnerability Management Reports are one of the few marketing reports that I try to read regularly. This started back in the days when I was working for a VM vendor doing competitive analysis. Gartner is one of the few organizations that think about Vulnerability Assessment and...
Unspecified Vulnerability in 2pi Software Cmfive
2pi Software Cmfive is Australia's 2pi Software's set of PHP language , mainly used for ERP systems built on open source Web application framework . A security vulnerability exists in the system/classes/DbPDO.php file in 2pi Software Cmfive versions 2015-03-15 and earlier, which can be exploited ...
Critical Code Execution Flaw Patched in PeopleSoft Core Engine
Organizations that have their PeopleSoft installations exposed to the internet should pay special attention to a remote code execution vulnerability patched on Tuesday as part of Oracle’s massive quarterly Critical Patch Update. The flaw, CVE-2017-10366, allows an attacker to gain remote code...