14 matches found
EUVD-2020-18817
Malware in sbrugna...
EUVD-2024-53539
Malicious code in bioql PyPI...
BIT-JOOMLA-2023-40626 [20231101] - Core - Exposure of environment variables
The language file parsing process could be manipulated to expose environment variables. Environment variables might contain sensitive information...
CVE-2024-57178
An SQL injection vulnerability exists in Stock-Forecaster =01-04-2020. By sending a specially crafted 'stock-symbol' parameter to the portofolio endpoint, it is possible to trigger an SQL injection in the application. As a result, the attacker will be able the user data or manipulate the software...
CVE-2024-57178
CVE-2024-57178 affects Stock-Forecaster; the vulnerability is an SQL injection in the portofolio() endpoint triggered by a crafted stock-symbol parameter. Affected versions are
Insecure Permissions
com.xuxueli, xxl-job-core is vulnerable to Insecure Permissions. The vulnerability is due to improper access control and validation in the Sub-Task ID component. This allows attackers to manipulate it to execute arbitrary code by crafting malicious input...
Security Guard CMS QT 4.7.3 - Stack Overflow Vulnerability
Document Title: Security Guard CMS QT 4.7.3 - Stack Overflow Vulnerability. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1085. Release Date: 2013-09-23. Vulnerability Laboratory ID (VL-ID): ...
Blind Attack On Wireless Insulin Pumps Could Deliver Lethal Dose
Barnaby Jack, famous for getting ATMs to disgorge an avalanche of cash on stage at the Black Hat Briefings, says he has developed an attack that could be used to deliver a lethal dose of insulin to diabetics using the embedded pumps. Jack, a security researcher at McAfee, demonstrated the hack at...
StarMoney Banking Software v8.0 - Multiple Vulnerabilities
Document Title: StarMoney Banking Software v8.0 - Multiple Vulnerabilities. References (Source): Download: http://www.vulnerability-lab.com/resources/videos/258.wmv View: http://www.youtube.com/watch?v=Bymh3ct1v4g. Release Date: 2011-08-30...
Clickjacking attacks may be carried out against internal opera: URLs
Internal opera: URLs which may be used to modify the Opera configuration have some intentional restrictions that are designed to mitigate possible clickjacking attacks. Certain manipulations can trick Opera into bypassing those restrictions, which would then allow clickjacking attacks to be carri...
Pointter PHP Micro-Blogging Social Network Unauthorized Privilege
Exploit for php platform in category web applications. 'Pointter PHP Micro-Blogging Social Network' Unauthorized Privilege Escalation, CVE-2010-4333. Mark Stanislav - [email protected]. I. DESCRIPTION: A vulnerability exists in the 'Pointter PHP Micro-Blogging...
Pointter PHP Micro-Blogging Social Network - Unauthorized Privilege Escalation
'Pointter PHP Micro-Blogging Social Network' Unauthorized Privilege Escalation, CVE-2010-4333. Mark Stanislav - [email protected]. I. DESCRIPTION: A vulnerability exists in the 'Pointter PHP Micro-Blogging Social Network' authentication system which allo...
Cafe free line, Account Card money own plus-vulnerability warning-the black bar safety net
Currently, the cafe became a student of the Internet “playful”, whenever school time comes, everyone is like “rush” and ran to the cafe to grab a machine with Internet access, but the long down, the summary is calculated to the Internet overhead, but makes all the students feel bad endless. But th...
CVE-2000-0351
The vulnerability CVE-2000-0351 affects SCO UnixWare 7.1.0 packaging commands that grant insecure privileges, enabling local users to add or remove software packages. Connected sources (NVD, CVE List, CVE record, EUVD) corroborate that this is a local-privilege issue impacting the packaging subsy...