5327 matches found
CVE-2021-25764
In JetBrains PhpStorm before 2020.3, source code could be added to debug logs...
CVE-2021-25764
PhpStorm (JetBrains) before 2020.3 is affected: the issue lets source code be written into debug logs (“Source code could be added to debug logs”). The vulnerability affects PhpStorm’s logging path and can lead to information disclosure via logs. The issue is tracked as CVE-2021-25764. Remediatio...
Mimecast: SolarWinds Attackers Stole Source Code
Hackers who compromised Mimecast networks as part of the SolarWinds espionage campaign have swiped some of the security firm’s source code repositories, according to an update by the company. The email security firm initially reported that a certificate compromise in January was part of the...
Mimecast Finds SolarWinds Hackers Stole Some of Its Source Code
Email security firm Mimecast on Tuesday revealed that the state-sponsored SolarWinds hackers who broke into its internal network also downloaded source code out of a limited number of repositories. "The threat actor did access a subset of email addresses and other contact information and hashed a...
Mimecast Finds SolarWinds Hackers Stole Some of Its Source Code
Email security firm Mimecast on Tuesday revealed that the state-sponsored SolarWinds hackers who broke into its internal network also downloaded source code out of a limited number of repositories. "The threat actor did access a subset of email addresses and other contact information and hashed a...
Online News Portal 1.0 Cross Site Scripting Vulnerability
Online News Portal version 1.0 suffers from a persistent cross site scripting vulnerability. Original discovery of persistent cross site scripting in this version was made by Parshwa Bhavsar in December of 2020. Exploit Title: Online News Portal | Stored Cross-Site Scripting Exploit Author: Richa...
Monitoring Of Students Cyber Accounts System 1.0 Cross Site Scripting
Exploit Title: Monitoring of Students Cyber Accounts System | Stored XSS Exploit Author: Richard Jones Date: 2021-03-12 Vendor Homepage: https://www.sourcecodester.com/php/11743/monitoring-students-cyber-accounts.html Software Link:...
Monitoring Of Students Cyber Accounts System 1.0 SQL Injection
Exploit Title: Monitoring of Students Cyber Accounts System | 'un' SQL Injection Exploit Author: Richard Jones Date: 2021-03-12 Vendor Homepage: https://www.sourcecodester.com/php/11743/monitoring-students-cyber-accounts.html Software Link:...
Monitoring System (Dashboard) 1.0 SQL Injection
Exploit Title: Monitoring System Dashboard | SQL Injection uname parameter Exploit Author: Richard Jones Date: 2021-01-26 Vendor Homepage: https://www.sourcecodester.com/php/11741/monitoring-system-dashboard.html Software Link:...
Monitoring Of Students Cyber Accounts System 1.0 SQL Injection Vulnerability
Exploit Title: Monitoring of Students Cyber Accounts System | 'un' SQL Injection Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/11743/monitoring-students-cyber-accounts.html Software Link:...
Monitoring System (Dashboard) 1.0 - 'uname' SQL Injection
Exploit Title: Monitoring System Dashboard 1.0 - 'uname' SQL Injection Exploit Author: Richard Jones Date: 2021-01-26 Vendor Homepage: https://www.sourcecodester.com/php/11741/monitoring-system-dashboard.html Software Link:...
Monitoring System (Dashboard) 1.0 - uname SQL Injection Vulnerability
Exploit Title: Monitoring System Dashboard 1.0 - 'uname' SQL Injection Exploit Author: Richard Jones Vendor Homepage: https://www.sourcecodester.com/php/11741/monitoring-system-dashboard.html Software Link:...
SYS.1.3.A5
Wenn zu installierende Software aus Quellcode kompiliert werden soll, DARF diese NUR unter einem unprivilegierten Benutzeraccount entpackt, konfiguriert und uebersetzt werden. Anschliessend DARF diezu installierende Software NICHT unkontrolliert in das Wurzeldateisystem des Servers installiert...
Sticky Notes Apps Using JavaScript 1.0 Cross Site Scripting
Exploit Title: Sticky Note Apps using JavaScript | Stored Cross Site Scripting Exploit Author: Richard Jones Date: 2021-03-09 Vendor Homepage: https://www.sourcecodester.com/javascript/14742/sticky-note-apps-using-javascript-source-code.html Software Link:...
Hotel And Lodge Management System 1.0 Shell Upload
Exploit Title: Hotel and Lodge Management System 1.0 - Remote Code Execution Unauthenticated Date: 07-03-2021 Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/13707/hotel-and-lodge-management-system.html...
Online Ordering System 1.0 Shell Upload
Exploit Title: Online Ordering System 1.0 - Arbitrary File Upload to Remote Code Execution Date: 04/03/2021 Exploit Author: Suraj Bhosale Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/5125/online-ordering-system-using-phpmysql.html Version: 1.0...
Gab's CTO Introduced a Critical Vulnerability to the Site
A review of the open source code shows an account under the executive's name made a mistake that could lead to the kind of breach reported this weekend...
Threatspec - Continuous Threat Modeling, Through Code
Threatspec is an open source project that aims to close the gap between development and security by bringing the threat modelling process further into the development process. This is achieved by having developers and security engineers write threat modeling annotations as comments inside source...
OWASP ASST (Automated Software Security Toolkit) - A Novel Open Source Web Security Scanner
OWASP ASST Automated Software Security Toolkit | A Novel Open Source Web Security Scanner. Note: AWSS is the older name of ASST Introduction Web applications have become an integral part of everyday life, but many of these applications are deployed with critical vulnerabilities that can be fatall...
Covid-19 Contact Tracing System 1.0 - Remote Code Execution Exploit
Exploit Title: Covid-19 Contact Tracing System 1.0 - Remote Code Execution Unauthenticated Exploit Author: Christian Vierschilling Vendor Homepage: https://www.sourcecodester.com Software Link:...