Lucene search
K

239 matches found

Patchstack
Patchstack
added 2024/01/16 12:0 a.m.9 views

WordPress Delhivery Logistics Courier Plugin <= 1.0.107 is vulnerable to SQL Injection

Software Delhivery Logistics Courier Type Plugin Vulnerable versions = 1.0.107 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-22283 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID fb6909b3979e Credits Yudistira Arya Required privilege...

8.8CVSS6.8AI score0.00544EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2023/12/18 11:46 a.m.2 views

indianlogisticsinfo.com Cross Site Scripting vulnerability OBB-3817931

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/10 7:11 a.m.52 views

Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors

A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war. The attacks have been attributed by CrowdStrike to a threat actor it tracks...

7.7AI score
Exploits0
CNVD
CNVD
added 2023/11/10 12:0 a.m.13 views

SQL Injection Vulnerability in Intelligent Logistics Unattended System of Taiyuan ECS Software Technology Co. Ltd (CNVD-2023-99600)

Intelligent logistics unattended system is an intelligent information platform for the unified control of raw material procurement, finished product sales and in-plant logistics for process manufacturing enterprises. There is a SQL injection vulnerability in the Intelligent Logistics Unattended...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/10/26 7:24 a.m.40 views

Iranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware Attacks

The Iranian threat actor known as Tortoiseshell has been attributed to a new wave of watering hole attacks that are designed to deploy a malware dubbed IMAPLoader. "IMAPLoader is a .NET malware that has the ability to fingerprint victim systems using native Windows utilities and acts as a...

6.9AI score
Exploits0
CNVD
CNVD
added 2023/09/28 12:0 a.m.5 views

Arbitrary File Read Vulnerability in ECS Intelligent Logistics Unattended System

ECS Intelligent Logistics Unattended System is an intelligent information platform for the unified control of raw material procurement, finished product sales and in-plant logistics for process manufacturing enterprises. There is an arbitrary file read vulnerability in the ECS Intelligent Logisti...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/09/07 3:39 a.m.18 views

New Variant of Chaes Malware ‘Chae$ 4’ Targeting Financial and Logistics Sectors

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new Chaes malware variant, "Chae$ 4," targeting logistics, finance, and prominent platforms has emerged with enhanced capabilities, including Python-based architecture and an expanded range of targeted...

6.9AI score
Exploits0
The Hacker News
The Hacker News
added 2023/09/05 12:19 p.m.40 views

New Python Variant of Chaes Malware Targets Banking and Logistics Industries

Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. "It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive redesign and an enhanced...

6.6AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/08/23 8:8 p.m.5 views

hess-logistics.com Cross Site Scripting vulnerability OBB-3614338

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
CNVD
CNVD
added 2023/08/23 12:0 a.m.14 views

File Upload Vulnerability in Intelligent Logistics Unattended System of Taiyuan ECS Software Technology Co.

Intelligent logistics unattended system is an intelligent information platform for the unified control of raw material procurement, finished product sales and in-plant logistics for process manufacturing enterprises. There is a file upload vulnerability in the Intelligent Logistics Unattended...

6.9AI score
Exploits0
NVD
NVD
added 2023/08/04 5:15 p.m.78 views

CVE-2023-38689

Logistics Pipes is a modification a.k.a. mod for the computer game Minecraft Java Edition. The mod used Java's ObjectInputStreamreadObject on untrusted data coming from clients or servers over the network resulting in possible remote code execution when sending specifically crafted network packet...

9.8CVSS8.8AI score0.01211EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/08/04 4:21 p.m.19 views

CVE-2023-38689 Deserialization of Untrusted Data in network IO

Logistics Pipes is a modification a.k.a. mod for the computer game Minecraft Java Edition. The mod used Java's ObjectInputStreamreadObject on untrusted data coming from clients or servers over the network resulting in possible remote code execution when sending specifically crafted network packet...

8.1CVSS9.7AI score0.01211EPSS
Exploits0References3
CVE
CVE
added 2023/08/04 4:21 p.m.51 views

CVE-2023-38689

Summary (CVE-2023-38689): Logistics Pipes (Minecraft Java Edition mod) suffers a deserialization vulnerability due to Java’s ObjectInputStream#readObject on untrusted data over the network, enabling potential remote code execution. Affected versions are 0.7.0.91 to 0.10.0.71; fix applied in 0.10....

9.8CVSS9.2AI score0.01211EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/08/04 4:21 p.m.37 views

CVE-2023-38689 Deserialization of Untrusted Data in network IO

Logistics Pipes is a modification a.k.a. mod for the computer game Minecraft Java Edition. The mod used Java's ObjectInputStreamreadObject on untrusted data coming from clients or servers over the network resulting in possible remote code execution when sending specifically crafted network packet...

8.1CVSS9.6AI score0.01211EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/08/04 12:0 a.m.8 views

PT-2023-26553 · Mojang · Minecraft

Name of the Vulnerable Software and Affected Versions: Logistics Pipes versions 0.7.0.91 through 0.10.0.71 Description: The issue is related to the use of Java's ObjectInputStreamreadObject on untrusted data coming from clients or servers over the network, resulting in possible remote code...

9.8CVSS9.6AI score0.01211EPSS
Exploits0References6
CNNVD
CNNVD
added 2023/08/04 12:0 a.m.6 views

Logistics Pipes Code Issue Vulnerability

Logistics Pipes is a component of mcrs485 Personal Developer. A code issue vulnerability exists in Logistics Pipes that stems from a vulnerability that could lead to remote code execution...

9.8CVSS7.9AI score0.01211EPSS
Exploits0References4
The Hacker News
The Hacker News
added 2023/08/03 9:20 a.m.40 views

"Mysterious Team Bangladesh" Targeting India with DDoS Attacks and Data Breaches

A hacktivist group known as Mysterious Team Bangladesh has been linked to over 750 distributed denial-of-service DDoS attacks and 78 website defacements since June 2022. "The group most frequently attacks logistics, government, and financial sector organizations in India and Israel,"...

6.7AI score
Exploits0
Packet Storm
Packet Storm
added 2023/07/27 12:0 a.m.247 views

AMS Logistics 2.2 SQL Injection

==================================================================================================================================== | Title : AMS LOGISTICS 2.2 SQL injection Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 69.032-bit | |...

7.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/07/05 10:54 p.m.13 views

xds-logistics.com Cross Site Scripting vulnerability OBB-3479880

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/05/24 1:49 p.m.35 views

Iranian Tortoiseshell Hackers Targeting Israeli Logistics Industry

At least eight websites associated with shipping, logistics, and financial services companies in Israel were targeted as part of a watering hole attack. Tel Aviv-based cybersecurity company ClearSky attributed the attacks with low confidence to an Iranian threat actor tracked as Tortoiseshell,...

6.8AI score
Exploits0
Rows per page
Query Builder