6 matches found
WordPress Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin <= 6.2.1 - Authenticated (Administrator+) Arbitrary File Read vulnerability
Authenticated (Administrator+) Arbitrary File Read vulnerability discovered by Niv Kochan in WordPress Plugin FluentForm versions <= 6.2.1...
WordPress ProfilePress plugin <= 4.16.13 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by Niv Kochan in WordPress Plugin ProfilePress versions <= 4.16.13...
CVE-2023-46583
Cross-Site Scripting (XSS) vulnerability in PHPGurukul Nipah virus (NiV) Testing Management System v.1.0 allows attackers to execute arbitrary code via a crafted payload injected into the State field...
CVE-2023-46583
CVE-2023-46583 affects PHPGurukul Nipah virus (NiV) Testing Management System v1.0. The issue is a Cross-Site Scripting (XSS) vulnerability in the vulnerable State field, allowing an attacker to inject a crafted payload that can execute arbitrary code. Several sources corroborate the XSS descript...
Security Bulletin: IBM Cognos BI 8.4 Partial Denial of Service Vulnerability
Abstract: A malicious IBM Cognos BI 8.4 user is able to send a crafted request to the Cognos server which triggers high CPU utilization that may cause a partial denial of service condition due to CPU consumption. This vulnerability can only be exploited by authenticated users, and is not applicabl...
BlobHunter - Find Exposed Data In Azure With This Public Blob Scanner
An open-source tool for scanning Azure blob storage accounts for publicly opened blobs. BlobHunter is a part of "Hunting Azure Blobs Exposes Millions of Sensitive Files" research: https://www.cyberark.com/resources/threat-research-blog/hunting-azure-blobs-exposes-millions-of-sensitive-files Overvi...