Code injection

IBM Security Verify Information Queue 1.0.6 and 1.0.7 discloses sensitive information in source code that could be used in further attacks against the system. IBM X-Force ID: 196185...

IBM Security Verify Information Queue 信息泄露漏洞

IBM Security Verify Information Queue is a cross-product integrator that leverages Kafka technology and a publish/subscribe model to integrate data between IBM security products. An information disclosure vulnerability exists in IBM Security Verify Information Queue. An attacker could exploit thi...

Cyberpunk 2077 Maker Was Hit With Ransomware—and Won't Pay Up

CD Projekt Red's list of woes gets longer, as hackers claim to have stolen the source code for their most popular games...

Buffer overflow

A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions V5.2, Nucleus ReadyStart V3 All...

CD Projekt ransomware attack – Cyberpunk 2077 source code allegedly stolen

By Waqas The Polish video game developer CD Projekt, known for games like Cyberpunk 2077, has fallen victim to a ransomware attack. This is a post from HackRead.com Read the original post: CD Projekt ransomware attack - Cyberpunk 2077 source code allegedly stolen...

Cyberpunk 2077 developer hit by ransomware

CD PROJEKT RED, the game developer behind Cyberpunk 2077, announced earlier on Twitter that it has fallen victim to a targeted ransomware attack. The company says it has backups for the affected systems and does not intend to pay the ransom. In their ransom note the attackers boast that they have...

Cyberpunk 2077 Publisher Hit with Hack, Ransomware

UPDATE CD Projekt Red, the videogame-development company behind Cyberpunk 2077 and the wildly popular Witcher series, has suffered a ransomware attack that could soon result in troves of company data being dumped online – including game source code. The Warsaw-based company tweeted out a notice o...

CVE-2020-28388

A vulnerability has been identified in APOGEE PXC Compact BACnet All versions V3.5.5, APOGEE PXC Compact P2 Ethernet All versions V2.8.20, APOGEE PXC Modular BACnet All versions V3.5.5, APOGEE PXC Modular P2 Ethernet All versions V2.8.20, Nucleus NET All versions V5.2, Nucleus ReadyStart V3 All...

PT-2021-7763 · Unknown · Nucleus Net +7

Name of the Vulnerable Software and Affected Versions: APOGEE PXC Compact BACnet versions prior to V3.5.5 APOGEE PXC Compact P2 Ethernet versions prior to V2.8.20 APOGEE PXC Modular BACnet versions prior to V3.5.5 APOGEE PXC Modular P2 Ethernet versions prior to V2.8.20 Nucleus NET versions prior...

[SECURITY] Fedora 32 Update: python-pygments-2.4.2-8.fc32

Pygments is a generic syntax highlighter for general use in all kinds of software such as forum systems, wikis or other applications that need to prettify source code. Highlights are: a wide range of common languages and markup formats is supported special attention is paid to details that increa...

Cybersecurity firm Stormshield breach; customer data, source code stolen

By Saad Rajpoot Stormshield suspects that there is a possibility that the attacker has the Technical Exchanges and Personal Data of the users. A French cybersecurity firm Stormsheild has identified a security breach. The breach affected their technical portal which is used by the users for the...

Flawfinder - A Static Analysis Tool For Finding Vulnerabilities In C/C++ Source Code

This is "flawfinder" by David A. Wheeler. Flawfinder is a simple program that scans C/C++ source code and reports potential security flaws. It can be a useful tool for examining software for vulnerabilities, and it can also serve as a simple introduction to static source code analysis tools more...

Online Reviewer System 1.0 SQL Injection / Shell Upload

!/bin/bash Exploit Title: Online Reviewer System PHPPDO - RCE & ADMIN BYPASS Exploit Author: Richard Jones Date: 2021-01-31 Vendor Homepage: https://www.sourcecodester.com/php/12937/online-reviewer-system-using-phppdo.html Software Link:...

PT-2022-17695 · Grafana +2 · Grafana +2

Name of the Vulnerable Software and Affected Versions: Grafana versions through 7.3.4 Description: An issue was discovered in Grafana when integrated with Zabbix, allowing the Zabbix password to be found in the "api jsonrpc.php" HTML source code. When a user logs in and is allowed to register, on...

Simple Public Chat Room 1.0 - 'msg' Stored Cross-Site Scripting

Exploit Title: Simple Public Chat Room 1.0 - 'msg' Stored Cross-Site Scripting Exploit Author: Richard Jones Date: 2021-01-26 Vendor Homepage: https://www.sourcecodester.com/php/12295/simple-public-chat-room-using-php.html Software Link:...

Simple College Website 1.0 - 'full' Stored Cross Site Scripting

Exploit Title: Simple College Website 1.0 - 'full' Stored Cross Site Scripting Exploit Author: Marco Catalano @stunn4 Date: 2021-01-25 Vendor Homepage: https://www.sourcecodester.com/php/7772/simple-college-website-using-php-and-mysql.html Software Link:...

Library System 1.0 - 'category' SQL Injection

Exploit Title: Library System 1.0 - 'category' SQL Injection Exploit Author: Aitor Herrero Date: 2021-01-22 Vendor Homepage: https://www.sourcecodester.com/php/12275/library-system-using-php.html Software Link: https://www.sourcecodester.com/php/12275/library-system-using-php.html Version: 1.0...

Arbitrary File Read Vulnerability in SongCMS

SongCMS is a free and open source CMS based on PHP+MySQL, ASP+Access/SQL Server development, enterprise-oriented, multi-language support. SSongCMS arbitrary file reading vulnerability , an attacker can use the vulnerability to read the site source code , any file...

Cross site scripting

Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0 is affected by cross-site scripting XSS in the Employees, First Name and Last Name fields...

CVE-2020-35271

CVE-2020-35271 affects the Employee Performance Evaluation System in PHP/MySQLi with Source Code 1.0. The vulnerability is a Cross-Site Scripting (XSS) flaw in the Employees, First Name, and Last Name fields. Exploitation details are not provided in the connected documents, and no remediation or ...