MAL-2022-5215 Malicious code in parlai-mturk-task-compiler (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 01524d470a8b7dd3d7f042e28bb40d9628cdf193eff995dabd67dc4ac1082156 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in parlai-mephisto-task-compiler (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 09495931dcfc8a6bb66d0754c6551c12e6cbae08ea207828dcd98127c20c2360 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-5214 Malicious code in parlai-mephisto-task-compiler (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 09495931dcfc8a6bb66d0754c6551c12e6cbae08ea207828dcd98127c20c2360 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-6194 Malicious code in snyk-azure-pipelines-task (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b1415763e729b09889f3cb0714d88b936b6c14f499ccbdd82f5697fe861fcc1a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in cs-task-runner (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c39698ac329277055768167de3fa99bf56777d8a97481cea290407f8226eeedb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Cross-site Scripting (XSS) - Stored

Description Titra is vulnerable to Stored XSS in the Task field when creating a new task in a project. Steps to reproduce 1.In the Overview tab, click on New project button. 2.Enter a project name and click Save. 3.Move to the Tasks tab in that project and click on New Task button. 4.In the Task...

A week in security (June 6 – June 12)

Last week on Malwarebytes Labs: FBI warns of scammers soliciting donations for Ukraine Microsoft autopatch is here…but can you use it? Prometheus ransomwares flaws inspired researchers to try to build a near-universal decryption tool Rotten apples banned from App store Hackers can take over...

Flower Denial of Service Vulnerability

Flower is a Web-based, real-time monitoring and management of Celery distributed task queues. A denial of service vulnerability exists in the May 2, 2022 version of Flower and prior versions, which stems from being vulnerable to OAuth authentication bypass. An attacker can use this vulnerability ...

Simple Task Scheduling System sql injection vulnerability

Simple Task Scheduling System, a task scheduling system, is vulnerable to a SQL injection vulnerability in Simple Task Scheduling System version 1.0. An attacker can use this vulnerability to issue SQL commands to the MySQL database via the vulnerable "id" parameter...

Ransomware Task Force priorities see progress in first year

This blog is part of our live coverage from RSA Conference 2022: US President Joseph R. Biden Jr., The White House, and law enforcement agencies across the world paid close attention last year when a group of more than 60 cybersecurity experts launched the Ransomware Task Force, heeding the group...

CVE-2022-30927

A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable "id" parameter...

CVE-2022-30927

A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable "id" parameter...

CVE-2022-30927

A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable "id" parameter...

Sql injection

A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable "id" parameter...

CVE-2022-30927

CVE-2022-30927 describes a SQL injection vulnerability in the software named “Simple Task Scheduling System 1.0” when using MySQL as the application database. The vulnerability allows an attacker to issue SQL commands through the vulnerable id parameter. The connected documents confirm the affect...

CVE-2022-30927

A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable "id" parameter...

Simple Task Scheduling System SQL注入漏洞

Simple Task Scheduling System, a task scheduling system, is vulnerable to a SQL injection vulnerability in Simple Task Scheduling System version 1.0. An attacker can use this vulnerability to issue SQL commands to the MySQL database via the vulnerable "id" parameter...

COM-Hunter - COM Hijacking VOODOO

COM Hijacking VOODOO COM-hunter is a COM Hijacking persistnce tool written in C. This tool was inspired during the RTO course of @zeropointsecltd Features Finds out entry valid CLSIDs in the victim's machine. Finds out valid CLSIDs via Task Scheduler in the victim's machine. Finds out if someone...

Stored XSS in Task field

Description The application Titra is vulnerable to Stored XSS in Task field. Steps To Reproduce 1. Click on add Track button 2. In the Task field enter the payload " 3. click save 4. Now Click on Details 5. XSS will be triggered Image PoC...

Formula Injection/CSV Injection due to Improper Neutralization of Formula Elements in CSV File

Description Formula Injection/CSV Injection in "Task" due to Improper Neutralization of Formula Elements in CSV File. Proof of Concept 1. Click on plus track button 2. Under the task input field enter the payloads =1+1 3. Now enter the work hour as 2 4. Then click on save 5. Now go to details and...