Boom CMS v8.0.7 - Cross Site Scripting Vulnerability

Exploit Title: Boom CMS v8.0.7 - Cross Site Scripting Product & Service Introduction: =============================== Boom is a fully featured, easy to use CMS. More than 10 years, and many versions later, Boom is an intuitive, WYSIWYG CMS that makes life easy for content editors and website...

Critical Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Attacks

Two more security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller BMC software that, if successfully exploited, could allow threat actors to remotely commandeer vulnerable servers and deploy malware. "These new vulnerabilities range in severity from High to Critical,...

Moderate: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.11.9 security and bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.11.9 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS bas...

Webile v1.0.1 - Multiple Cross Site Scripting

Exploit Title: Webile v1.0.1 - Multiple Cross Site Scripting References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2321 Release Date: ============= 2023-07-03 Vulnerability Laboratory ID VL-ID: ==================================== 2321 Common Vulnerability...

Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities

Exploit Title: Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities References Source: https://www.vulnerability-lab.com/getcontent.php?id=2278 Release Date: 2023-07-04 Vulnerability Laboratory ID VL-ID: 2278 Common Vulnerability Scoring System: 5.4 Product & Service Introduction:...

Boom CMS v8.0.7 - Cross Site Scripting

Exploit Title: Boom CMS v8.0.7 - Cross Site Scripting References Source: https://www.vulnerability-lab.com/getcontent.php?id=2274 Release Date: 2023-07-03 Vulnerability Laboratory ID VL-ID: 2274 Product & Service Introduction: =============================== Boom is a fully featured, easy to use...

PaulPrinting CMS - (Search Delivery) Cross Site Scripting

Exploit Title: PaulPrinting CMS - Search Delivery Cross Site Scripting References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2286 Release Date: ============= 2023-07-17 Vulnerability Laboratory ID VL-ID: ==================================== 2286 Common...

ViaTalk CP - Persistent XSS Web Vulnerability

Document Title: =============== ViaTalk CP - Persistent XSS Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2314 Release Date: ============= 2023-07-20 Vulnerability Laboratory ID VL-ID: ==================================== 2314 Common...

PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

Exploit Title: PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2285 Release Date: ============= 2023-07-19 Vulnerability Laboratory ID VL-ID: ==================================== 2285 Common...

Moderate: Red Hat Security Advisory: VolSync 0.7.3 security fixes and enhancements

VolSync v0.7.3 enhancements and security fixes Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

Tiva Events Calender 1.4 Cross Site Scripting

Document Title: =============== Tiva Events Calender v1.4 - Cross Site Scripting Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2276 Release Date: ============= 2023-07-05 Vulnerability Laboratory ID VL-ID:...

Webile 1.0.1 Cross Site Scripting

Document Title: =============== Webile v1.0.1 - Multiple Cross Site Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2321 Release Date: ============= 2023-07-03 Vulnerability Laboratory ID VL-ID: ====================================...

Active Super Shop CMS 2.5 HTML Injection

Document Title: =============== Active Super Shop CMS v2.5 - HTML Injection Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2278 Release Date: ============= 2023-07-04 Vulnerability Laboratory ID VL-ID: ==================================...

PaulPrinting CMS Cross Site Scripting

Document Title: =============== PaulPrinting CMS - Search Delivery Cross Site Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2286 Release Date: ============= 2023-07-17 Vulnerability Laboratory ID VL-ID: ==================================...

WordPress WordPress Persistent Login Plugin < 2.0.15 is vulnerable to Cross Site Scripting (XSS)

Software WordPress Persistent Login Type Plugin Vulnerable versions 2.0.15 Fixed in 2.0.15 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 12dbff6dbbea Credits Rafie Muhammad...

PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities

Document Title: =============== PaulPrinting CMS - Multiple Cross Site Web Vulnerabilities References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2285 Release Date: ============= 2023-07-18 Vulnerability Laboratory ID VL-ID: ===================================...

WinterCMS 1.2.2 Cross Site Scripting

Exploit Title: WinterCMS alertdocument.cookie; //P...

WinterCMS &lt; 1.2.3 - Persistent Cross-Site Scripting

Exploit Title: WinterCMS alertdocument.cookie; //Post Request...

Malicious code in proof-of-solvency-verification (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c80842c791023b79222e82ae88ac91bc92a9941cf2a6b08c29042d98fa99363b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PicassoLoader Malware Used in Ongoing Attacks on Ukraine and Poland

Government entities, military organizations, and civilian users in Ukraine and Poland have been targeted as part of a series of campaigns designed to steal sensitive data and gain persistent remote access to the infected systems. The intrusion set, which stretches from April 2022 to July 2023,...