3 matches found
Publish Your Threat Models! the Benefits Far Outweigh the Dangers
Threat modeling has long guided software development work, and we consider how Public Threat Models PTM can convey useful security information to others. We list some early adopter precedents, explain the many benefits, address potential objections, and cite regulatory drivers. Internal threat...
CVE-2024-11138 DedeCMS friendlink_add.php unrestricted upload
A vulnerability classified as problematic has been found in DedeCMS 5.7.116. This affects an unknown part of the file /dede/uploads/dede/friendlinkadd.php. The manipulation of the argument logoimg leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been...
CVE-2024-4973 code-projects Simple Chat System register.php sql injection
A vulnerability classified as critical was found in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file /register.php. The manipulation of the argument name/number/address leads to sql injection. The attack can be initiated remotely. The exploit has been...