3 matches found
CVE-2024-48415
itsourcecode Loan Management System v1.0 is vulnerable to Cross Site Scripting XSS via a crafted payload to the lastname, firstname, middlename, address, contactno, email and taxid parameters in new borrowers functionality on the Borrowers page...
IRS COVID-19 Relief Payment Deadlines Anchor Convincing Phish
A credential-phishing email campaign is making the rounds, using the lure of coronavirus tax relief to scam people into giving up their personal information. The data-harvesting cybercriminals are looking to take advantage of the Internal Revenue Service IRS deadlines that are approaching for...
Mail.ru: Пользователь может просматривать, удалять и изменять данные любой компании перебирая domain_id [biz.mail.ru]
An IDOR vulnerability in biz.mail.ru allowed to partially manipulate billing data tax id, addresses of arbitrary company...