7 matches found
EUVD-2023-27695
Malicious code in bioql PyPI...
Format string
BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A single-line file might contain credentials, such as "machine example.com login daniel password qwerty" in the documentation example for the .netrc file format. NOTE: 2.x versions are no longer supported...
CVE-2023-23595
BlueCat Device Registration Portal 2.2 allows XXE attacks that exfiltrate single-line files. A single-line file might contain credentials, such as "machine example.com login daniel password qwerty" in the documentation example for the .netrc file format. NOTE: 2.x versions are no longer supported...
BlueCat Networks Device Registration Portal 代码问题漏洞
BlueCat Networks Device Registration Portal is a standalone application from BlueCat Networks, Inc. for auditing and tracking all devices attempting to connect to the network. A security vulnerability exists in BlueCat Networks Device Registration Portal version 2.2 that stems from an XXE attack...
CVE-2023-23595
CVE-2023-23595 affects BlueCat Device Registration Portal (DRP) 2.2. The issue is an XXE vulnerability that can exfiltrate single-line files (for example, a line that could contain credentials in a .netrc-like format). Public details consistently describe the vulnerable component as the DRP and c...
MTN Group: There is no rate limit for SME REGISTRATION PORTAL
Summary: The speed limit for the https://mtngbissau.com/registo/ endpoint has not been implemented. Steps To Reproduce: 1. Go to the https://mtngbissau.com/registo/ 2. fill out the Registration form 3. Send request to Intruder. 4. Set your payloads and start attack. 5. There is no rate-limit...
Identity Thieves Used Leaked PII to Steal ADP Payroll Info
Cybercriminals accessed a W-2 portal maintained by payroll company ADP recently to glean sensitive information about employees at a handful of companies. The company is stressing that the company itself wasn’t hacked, but that it appears identity thieves may have been able to create ADP accounts ...