
8 matches found

Packet Storm News
• added 2025/11/30 12:0 a.m. • 2 views

CTF Archive: Capture, Curate, Learn Forever

Capture the Flag (CTF) competitions represent a powerful experiential learning approach within cybersecurity education, blending diverse concepts into interactive challenges. However, the short duration (typically 24-48 hours) and ephemeral infrastructure of these events often impede sustained...

AI score: 6.7
Exploits: 0
EUVD
• added 2025/10/03 8:7 p.m. • 4 views

EUVD-2022-35070

Malicious code in bioql PyPI...

CVSS: 5.3 | AI score: 5.4 | EPSS: 0.00477
Exploits: 2 | References: 1
EUVD
• added 2025/10/03 8:7 p.m. • 4 views

EUVD-2025-4852

Malicious code in bioql PyPI...

CVSS: 5.3 | AI score: 9.1 | EPSS: 0.0024
Exploits: 0 | References: 3
RedhatCVE
• added 2025/06/14 4:3 p.m. • 3 views

CVE-2025-49467

A SQL injection vulnerability in JEvents component before 3.6.88 and 3.6.82.1 for Joomla was discovered. The extension is vulnerable to SQL injection via publicly accessible actions to list events by date ranges...

CVSS: 9.3 | AI score: 7.4 | EPSS: 0.00224
Exploits: 0 | References: 1
Rapid7 Blog
• added 2023/11/28 4:55 p.m. • 11 views

Updates to Layered Context Enable Teams to Quickly Understand Which Risk Signals Are Most Pressing

Layered Context introduced a consolidated view of all security risks insightCloudSec collects from the various layers of a cloud environment. This enabled our customers to go from visibility into individual security risks on a resource, to understanding all of the risks that impacted that resourc...

AI score: 6.6
Exploits: 0
Prion
• added 2023/06/09 6:15 a.m. • 32 views

Design/Logic Flaw

The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the getremotetemplates function in versions up to, and including, 1.8.3. This makes it possible for authenticated attackers with subscriber-level...

CVSS: 4 | AI score: 4.3 | EPSS: 0.00215
Exploits: 2 | References: 2 | Affected Software: 1
Prion
• added 2022/03/07 9:15 a.m. • 16 views

Design/Logic Flaw

The CorreosExpress WordPress plugin through 2.6.0 generates log files which are publicly accessible, and contain sensitive information such as sender/receiver names, phone numbers, physical and email addresses...

CVSS: 5 | AI score: 5.1 | EPSS: 0.00277
Exploits: 2 | References: 1 | Affected Software: 1
Hacker One
• added 2020/08/19 7:58 p.m. • 291 views

U.S. Dept Of Defense: Elmah.axd is publicly accessible and leaking Error Log for ROOT on █████_PRD_WEB1 █████████elmah.axd

Description: Hello, Security team, hope you are doing well. I found out that elmah.axd is publicly accessible on ████████, which is leaking the error log, which contains cookies, server code, etc. Step-by-step Reproduction Instructions: 1. Go to ██████elmah.axd and you will see the error logs. 2. Same...

AI score: 0.3
Exploits: 0