tickets SQL注入漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of tickets prior to 3.44.2 contained a SQL injection vulnerability. This vulnerability stemmed from the fact that the values of latitude, longitude, callsign, mph, altitude, and timestamp,...

Anti-ICE Site GTFO ICE Accused of Exposing Data of 17,000+ Activists

An anti-ICE website, GTFO ICE, linked to Miles Taylor, is accused of exposing the personal details of 17,662 activists, sparking concerns that the data may have reached government agencies...

CVE-2021-41557

Sofico Miles RIA 2020.2 Build 127964T is affected by Stored Cross Site Scripting XSS. An attacker with access to a user account of the RIA IT or the Fleet role can create a crafted work order in the damage reports section or change existing work orders. The XSS payload is in the work order number...

Everest ransomware claims breach at Spain’s national airline Iberia with 596 GB data theft

Everest claims large breaches at Iberia and Air Miles España with major data taken from both travel platforms placing millions of users at risk...

EUVD-2001-0554

Malware in sbrugna...

EUVD-2021-28575

Malicious code in bioql PyPI...

PT-2025-35075

Name of the Vulnerable Software and Affected Versions: Miles All Bootstrap Blocks versions through 1.3.28 Description: A missing authorization issue exists in Miles All Bootstrap Blocks, allowing exploitation of incorrectly configured access control security levels. Recommendations: At the moment...

MAL-2024-1380 Malicious code in tcm-app-migration-miles-react (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9025c83532f86e4420c8cd88f4f408a7857044b1f990a20c9a64fa0cc2ea902f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Free Airline Miles, Hotel Points, and User Data Put at Risk by Flaws in Points Platform

Flaws in the Points.com platform, which is used to manage dozens of major travel rewards programs, exposed user data—and could have let an attacker snag some extra perks...

CVE-2021-41557

Sofico Miles RIA 2020.2 Build 127964T is affected by Stored Cross Site Scripting XSS. An attacker with access to a user account of the RIA IT or the Fleet role can create a crafted work order in the damage reports section or change existing work orders. The XSS payload is in the work order number...

Cross site scripting

Sofico Miles RIA 2020.2 Build 127964T is affected by Stored Cross Site Scripting XSS. An attacker with access to a user account of the RIA IT or the Fleet role can create a crafted work order in the damage reports section or change existing work orders. The XSS payload is in the work order number...

CVE-2021-41557

Sofico Miles RIA 2020.2 Build 127964T is affected by Stored Cross Site Scripting XSS. An attacker with access to a user account of the RIA IT or the Fleet role can create a crafted work order in the damage reports section or change existing work orders. The XSS payload is in the work order number...

CVE-2021-41557

CVE-2021-41557 affects Sofico Miles RIA 2020.2, build 127964T. The vulnerability is a Stored Cross Site Scripting (XSS) flaw in the work order number field within the damage reports section, exploitable by an attacker who already has a user account with IT or Fleet role access. The impact is desc...

Sofico Miles RIA 2020.2 Build 127964T Cross Site Scripting Vulnerability

Sofico Miles RIA version 2020.2 build 127964T suffers from a persistent cross site scripting vulnerability. ======================================================================= title: Stored Cross Site Scripting product: Sofico Miles RIA vulnerable version: 2020.2 build 127964T fixed version:...

Sofico Miles RIA 2020.2 Build 127964T Cross Site Scripting

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Stored Cross Site Scripting product: Sofico Miles RIA vulnerable version: 2020.2 build 127964T fixed version: 2020.2 build 128076 or higher CVE number: CVE-2021-41557...

Sofico Miles Ria跨站脚本漏洞

Sofico Miles Ria is a car rental management software from Sofico Belgium. A security vulnerability exists in Sofico Miles RIA version 2020.2 build 127964T, which allows an attacker to create a malicious work order in the damase report section or change an existing work order using a malicious...

miles-immobilier.co.uk Improper Access Control vulnerability OBB-2228550

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Flight Booking System Flaw Affected Customers of 141 Airlines Worldwide

Almost half of the fight travelers around the world were found exposed to a critical security vulnerability discovered in online flight ticket booking system that allowed remote hackers to access and modify their travel details and even claim their frequent flyer miles. Israeli network security...

Thousands of stolen frequent flyer miles of top airlines sold on Dark Web

By Waqas Dark Web has become a business hub for malicious hackers and cybercriminals. It seems like there is nothing that is spared from the prying eyes of cybercriminals and the Dark Web has become a thriving ground for all types of illegally acquired data and criminals activities. However, this...

bikewashington.org XSS vulnerability

Vulnerable URL: http://bikewashington.org/canal/pda/miles.php?mile=1/-///'/"//--...