TREK 安全漏洞

TREK is a self-hosted, real-time collaboration travel planning tool developed by Maurice’s individual developer. It supports map management, budget tracking, and itinerary management. Versions of TREK prior to 3.0.18 contained security vulnerabilities. These vulnerabilities stemmed from the login...

Fedora: Security Advisory (FEDORA-2025-04cf139ee2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2017-7415

Malware in sbrugna...

EUVD-2008-6770

Malware in sbrugna...

EUVD-2017-7816

Malware in sbrugna...

EUVD-2007-6374

Malware in sbrugna...

EUVD-2008-5824

Malware in sbrugna...

EUVD-2010-2151

Malware in sbrugna...

EUVD-2023-26720

Malicious code in bioql PyPI...

CVE-2022-29317

Simple Bus Ticket Booking System v1.0 was discovered to contain multiple SQL injection vulnerbilities via the username and password parameters at /assets/partials/handleLogin.php...

VK.com: Обходим 2FA и/или получаем access_token, если мы когда-либо были на аккаунте жертвы

Частичный обход 2FA в некоторых случаях, имея доступ к странице. Была возможность всего один раз побывав на аккаунте в последующих случаях обходить 2FA. Хеши на https://login.vk.com/?act=grantaccess не имели срока действия и привязки к значимым параметрам аккаунта включена ли 2фа, когда посл. раз...

SQL query result set for injecting the effects and use-vulnerability and early warning-the black bar safety net

For injection purposes, the error message is extremely important. The so-called error message refers to and the correct page different results back, the master is very attention to this point, which injection point the precise judgment is essential. The ask discussed under several categories of...

Solaris 2.5.1 (sparc) : 106602-01

The remote host is missing Sun Security Patch number 106602-01 CDE 1.1: dtlogin patch for login vulnerabilities. Date this patch was last updated by Sun : Mon Sep 21 18:00:00 MDT 1998 You should install this patch for your system to be up-to-date. %NASLMINLEVEL 999999 @DEPRECATED@ This script has...

Anthill login and JavaScript vulnerabilities

Anthill login and JavaScript vulnerabilities PROGRAM: Anthill VENDOR: Vincent Danen [email protected] HOMEPAGE: http://anthill.vmlinuz.ca/ VULNERABLE VERSIONS: all TYPE: remote SEVERITY: high DESCRIPTION: "Anthill is a bug tracking database system written in PHP. It provides the standard bu...

Console 3200 telnetd problem.

Hi, I've been testing a Lightwave ConsoleServer 3200 recently, and have come across some potentially dangerous security weaknesses with the firmware. To log in to the unit, you telnet to the console server on TCP port 23 for regular user access, or 5000 for the System Administrator. When you...