Lucene search
K

40 matches found

CVE
CVE
added 2024/03/20 2:35 a.m.79 views

CVE-2024-1799

CVE-2024-1799 affects GamiPress (WordPress) up to version 6.8.6. Root cause: SQL Injection via the achievement_types parameter in the gamipress_earnings shortcode, caused by insufficient escaping and inadequate SQL query preparation. Impact per sources: authenticated users with contributor-level ...

8.8CVSS8.9AI score0.00956EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/11/30 4:49 p.m.34 views

CVE-2023-47853

CVE-2023-47853 is a Stored XSS in the WordPress plugin myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin. The vulnerability stems from improper neutralization of input during web page generation, enabling attackers to inject scripts. Affected versions are up to 2.6.1; the iss...

6.5CVSS6.7AI score0.00385EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/07/18 12:0 a.m.23 views

myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin < 2.5.1 - Cross-Site Request Forgery

Description The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS6.5AI score0.00248EPSS
Exploits0Affected Software1
Prion
Prion
added 2023/02/13 5:15 p.m.19 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF in OptinlyHQ Optinly – Exit Intent, Newsletter Popups, Gamification & Opt-in Forms plugin = 1.0.15 versions...

6.8CVSS8.8AI score0.0028EPSS
Exploits0References1Affected Software1
Snyk
Snyk
added 2022/08/11 11:43 a.m.1 views

Malicious Package

Overview profile-nft-gamification is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

9.8CVSS7.1AI score
Exploits0References3
Akamai Blog
Akamai Blog
added 2022/08/04 1:0 p.m.16 views

Cybersecurity Issues in the Gaming Industry Portend Metaverse Challenges

The metaverse has greatly expanded the threat landscape. As industries gamify, gaming’s cybersecurity issues become a checklist for the future...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2022/06/22 12:49 p.m.43 views

Gamification of Ethical Hacking and Hacking Esports

While ethical hacking is by no means a new or groundbreaking practice, the scale at which organizations and individuals are undertaking such initiatives continues to intensify, especially considering recent events such as the log4j vulnerability. Traditionally, ethical hacking is undertaken by...

7.3AI score
Exploits0References4
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:8 p.m.3 views

Malicious code in profile-nft-gamification (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 37710620e91bbba317c045b70e448937826b6a44304c5e388dc97727a4b9da57 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
Kitploit
Kitploit
added 2020/12/02 11:30 a.m.81 views

Hacktory platform packed with new game-playing features

Without practice, theory is dead. Applied knowledge is essential in any area, especially in cybersecurity, and practice is the only way to make learning worthwhile. There are so many courses to fit any demand. However, boring lectures, outdated textbooks, and vague, complex tasks become obstacles...

7AI score
Exploits0
Kitploit
Kitploit
added 2020/02/06 11:30 a.m.159 views

Misp-Dashboard - A Dashboard For A Real-Time Overview Of Threat Intelligence From MISP Instances

A dashboard showing live data and statistics from the ZMQ feeds of one or more MISP instances. The dashboard can be used as a real-time situational awareness tool to gather threat intelligence information. The misp-dashboard includes a gamification tool to show the contributions of each...

7.1AI score
Exploits0References1
Microsoft Secure
Microsoft Secure
added 2020/01/14 5:0 p.m.29 views

Rethinking cyber scenarios—learning (and training) as you defend

In two recent posts I discussed with Circadence the increasing importance of gamification for cybersecurity learning and how to get started as a practitioner while being supported by an enterprise learning officer or security team lead. In this third and final post in the series, Keenan and I...

7.1AI score
Exploits0
OSV
OSV
added 2020/01/08 3:10 a.m.95 views

GHSA-769F-539V-F5JG PrestaShop gamification module ZIP archives were vulnerable from CVE-2017-9841

Impact We have identified that some gamification module ZIP archives have been built with phpunit dev dependencies. PHPUnit contains a php script that would allow, on a webserver, an attacker to perform a RCE. This vulnerability impacts - phpunit before 4.8.28 and 5.x before 5.6.3 as reported in...

8.9AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2020/01/08 3:10 a.m.158 views

PrestaShop gamification module ZIP archives were vulnerable from CVE-2017-9841

Impact We have identified that some gamification module ZIP archives have been built with phpunit dev dependencies. PHPUnit contains a php script that would allow, on a webserver, an attacker to perform a RCE. This vulnerability impacts - phpunit before 4.8.28 and 5.x before 5.6.3 as reported in...

9.8CVSS0.6AI score0.99999EPSS
Exploits19References4Affected Software1
Microsoft Secure
Microsoft Secure
added 2019/11/25 5:0 p.m.41 views

Rethinking cyber learning—consider gamification

As promised, I’m back with a follow-up to my recent post, Rethinking how we learn security, on how we need modernize the learning experience for cybersecurity professionals by gamifying training to make learning fun. Some of you may have attended the recent Microsoft Ignite events in Orlando and...

6.9AI score
Exploits0
ThreatPost
ThreatPost
added 2019/09/02 12:0 p.m.175 views

Gamification Can Transform Company Cybersecurity Culture

Chief information security officers CISOs of Global 2000 enterprises have one of the toughest jobs in the world, defending their organization’s cyberspace and being the guardian of its assets and private information. But CISOs also have a second, even bigger problem: Their own company employees...

Exploits0References3
Schneier on Security
Schneier on Security
added 2019/03/12 11:38 a.m.46 views

On Surveillance in the Workplace

Data & Society just published a report entitled "Workplace Monitoring & Surveillance": This explainer highlights four broad trends in employee monitoring and surveillance technologies: Prediction and flagging tools that aim to predict characteristics or behaviors of employees or that are designed...

0.2AI score
Exploits0
n0where
n0where
added 2018/03/19 12:40 a.m.35 views

Intentionally Insecure Webapp for Security Training: OWASP Juice Shop

OWASP Juice Shop is an intentionally insecure webapp for security trainings written entirely in JavaScript which encompasses the entire OWASP Top Ten and other severe security flaws. Juice Shop is written in Node.js, Express and AngularJS. It was the first application written entirely in JavaScri...

0.4AI score
Exploits0References6
The Hacker News
The Hacker News
added 2014/03/28 5:10 a.m.10 views

Hacker's Dome - Gamification the Information Security

When it comes to Information Security, there's a great way to learn, train and keep sharp your skills. This can be done using gamification mechanics to speed up the learning curve and improve retention rate. Capture The Flag competitions use gamification mechanics and represent one of the best wa...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2013/05/22 1:14 p.m.10 views

Hack Battle at 'The Hacker Conference 2013' with CTF365

The Hacker Conference partnered up with CTF365 to provide the best CTF experience during the conference. While trying to find out more about their product and also about their CTF surprise, I got an interview with Marius Corici Co-founder and CEO for CTF365. Q: November 2012 was when you first...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2013/05/22 2:14 a.m.15 views

Hack Battle at 'The Hacker Conference 2013' with CTF365

The Hacker Conference partnered up with CTF365 to provide the best CTF experience during the conference. While trying to find out more about their product and also about their CTF surprise, I got an interview with Marius Corici Co-founder and CEO for CTF365. Q: November 2012 was when you first...

6.5AI score
Exploits0
Rows per page
Query Builder