Lucene search
K

55 matches found

NVD
NVD
added 2022/08/08 1:15 p.m.17 views

CVE-2022-2703

A vulnerability was found in SourceCodester Gym Management System. It has been classified as critical. This affects an unknown part of the component Exercises Module. The manipulation of the argument exer leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

8.8CVSS0.00613EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/08/08 12:50 p.m.22 views

CVE-2022-2703 SourceCodester Gym Management System Exercises Module sql injection

A vulnerability was found in SourceCodester Gym Management System. It has been classified as critical. This affects an unknown part of the component Exercises Module. The manipulation of the argument exer leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.3CVSS9.2AI score0.00613EPSS
Exploits1References2
CVE
CVE
added 2022/08/08 12:50 p.m.58 views

CVE-2022-2703

The CVE-2022-2703 entry concerns SourceCodester Gym Management System, specifically the Exercises Module. The vulnerability is an SQL injection caused by manipulating the exer parameter, with remote exploitation possible and public disclosure of the exploit. Multiple sources classify the vulnerab...

8.8CVSS7.8AI score0.00613EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/08/08 12:50 p.m.10 views

CVE-2022-2703 SourceCodester Gym Management System Exercises Module sql injection

A vulnerability was found in SourceCodester Gym Management System. It has been classified as critical. This affects an unknown part of the component Exercises Module. The manipulation of the argument exer leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.3CVSS9AI score0.00613EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/08/08 12:0 a.m.5 views

PT-2022-18186 · Sourcecodester · Sourcecodester Gym Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Gym Management System affected versions not specified Description: A critical issue has been found in the Exercises Module of the SourceCodester Gym Management System. The manipulation of the exer argument leads to SQL injectio...

8.8CVSS8.9AI score0.00613EPSS
Exploits1References6
CNNVD
CNNVD
added 2022/08/08 12:0 a.m.4 views

SourceCodester Gym Management System SQL注入漏洞

SourceCodester Gym Management System is an American SourceCodester company's gym management system. The system is developed in C and sql server and features customer and vendor management, product management, sales management, gym membership management, fitness assessment, system logging, databas...

8.8CVSS7.7AI score0.00613EPSS
Exploits1References3
ThreatPost
ThreatPost
added 2022/06/07 1:25 p.m.33 views

Cyber Risk Retainers: Not Another Insurance Policy

The one-two punch of a cyberattack can be devastating. There is the breach and then the related mitigation costs. Implementing a comprehensive Incident Response IR gameplan into a worst-case-scenario should not be a post-breach scramble. And when that IR strategy includes insurance, it also must...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2022/05/31 9:30 p.m.25 views

Wrongsecrets - Examples With How To Not Use Secrets

Welcome to the OWASP WrongSecrets p0wnable app. With this app, we have packed various ways of how to not store your secrets. These can help you to realize whether your secret management is ok. The challenge is to find all the different secrets by means of various tools and techniques. Can you sol...

7.6AI score
Exploits0References35
Kitploit
Kitploit
added 2022/05/30 9:30 p.m.45 views

Labtainers - A Docker-based Cyber Lab Framework

Labtainers include more than 50 cyber lab exercises and tools to build your own. Import a single VM appliance or install on a Linux system and your students are done with provisioning and administrative setup, for these and future lab exercises. Consistent lab execution environments and automated...

7.5AI score
Exploits0References5
Securelist
Securelist
added 2022/05/26 11:0 a.m.16 views

Managed detection and response in 2021

Kaspersky Managed Detection and Response MDR helps organizations to complement existing detection capabilities or to expand limited in-house resources to protect their infrastructure from the growing number and complexity of threats in real time. We collect telemetry from clients networks and...

2.6AI score
Exploits0
Kitploit
Kitploit
added 2022/04/14 9:30 p.m.145 views

vAPI - Vulnerable Adversely Programmed Interface Which Is Self-Hostable API That Mimics OWASP API Top 10 Scenarios Through Exercises

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means of Exercises. Requirements PHP MySQL PostMan MITM Proxy Installation Docker docker-compose up -d Installation Manual Copying the Code cd git clone...

7.5AI score
Exploits0References3
hivepro
hivepro
added 2022/02/17 8:28 a.m.29 views

BlackCat Ransomware group attacks on the rise

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here The Blackcat Ransomware gang also known as ALPHV has targeted around 25 organizations belonging to multiple sectors globally since November 2021. The group has claimed responsibility for the recent cyber attack on Swissport...

6.8AI score
Exploits0
Gitee
Gitee
added 2021/04/14 9:13 a.m.5 views

CTF-All-In-One

This is a comprehensive guide to CTF Capture The Flag competitions, specifically focusing on the Pwn binary exploitation aspect. The book is written by Yang Chao, a member of L-Team, and is intended for beginners. It covers the basics of binary exploitation, including memory management, buffer...

7.8AI score
Exploits0
Gitee
Gitee
added 2021/01/21 12:31 a.m.4 views

CTF-All-In-One

This is a comprehensive book on CTF Capture The Flag competitions, specifically focusing on the Pwn binary exploitation aspect. The book is written by Yang Chaofei, a member of L-Team, and is intended for beginners. It covers the basics of binary exploitation, including memory management, buffer...

7.7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2020/10/06 4:0 p.m.35 views

Why we invite security researchers to hack Azure Sphere

Fighting the security battle so our customers don’t have to IoT devices are becoming more prevalent in almost every aspect of our lives—we will rely on them in our homes, our businesses, as well as our infrastructure. In February, Microsoft announced the general availability of Azure Sphere, an...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2020/09/13 11:30 a.m.52 views

HTTP-revshell - Powershell Reverse Shell Using HTTP/S Protocol With AMSI Bypass And Proxy Aware

HTTP-revshell is a tool focused on redteam exercises and pentesters. This tool provides a reverse connection through the http/s protocol. It use a covert channel to gain control over the victim machine through web requests and thus evade solutions such as IDS, IPS and AV. Help server.py unisessio...

7.3AI score
Exploits0References3
The Hacker News
The Hacker News
added 2020/01/20 12:22 p.m.4 views

Evaluating Your Security Controls? Be Sure to Ask the Right Questions

Testing security controls is the only way to know if they are truly defending your organization. With many different testing frameworks and tools to choose from, you have lots of options. But what do you specifically want to know? And how are the findings relevant to the threat landscape you face...

5.8AI score
Exploits0
Kitploit
Kitploit
added 2019/05/15 9:53 p.m.154 views

JWT Tool - A Toolkit For Testing, Tweaking And Cracking JSON Web Tokens

jwttool.py is a toolkit for validating, forging and cracking JWTs JSON Web Tokens. Its functionality includes: Checking the validity of a token Testing for the RS/HS256 public key mismatch vulnerability Testing for the alg=None signature-bypass vulnerability Testing the validity of a secret/key/k...

7.2AI score
Exploits0References1
ThreatPost
ThreatPost
added 2018/10/16 3:36 p.m.27 views

ThreatList: Half of Execs Feel Unprepared to Respond to a Cyber-Incident

Nearly half 46 percent of executives in a Deloitte poll say their organizations have experienced a cybersecurity incident over the past year — and that they’re still no closer to being ready for the next event. The survey, of more than 3,150 professionals taken during a Deloitte Dbriefs webcast o...

0.9AI score
Exploits0References3
Openbugbounty
Openbugbounty
added 2018/10/03 11:0 a.m.8 views

nederlandsoefenen.be XSS vulnerability

Open Bug Bounty ID: OBB-682223 Description| Value ---|--- Affected Website:| nederlandsoefenen.be Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

0.1AI score
Exploits0
Rows per page
Query Builder