[updated] A fake cloud storage alert that ends at Freecash

Last week we talked about an app that promises users they can make money testing games, or even just by scrolling through TikTok. Imagine our surprise when we ended up on a site promoting that same Freecash app while investigating a “cloud storage” phish. We’ve all probably seen one of those...

CVE-2024-1321

The EventPrime – Events Calendar, Bookings and Tickets plugin for WordPress is vulnerable to payment bypass in all versions up to, and including, 3.4.2. This is due to the plugin allowing unauthenticated users to update the status of order payments. This makes it possible for unauthenticated...

CVE-2022-40092

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/updatepayment.php...

CVE-2022-40092

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /tour/admin/updatepayment.php...

Online Tours & Travels Management System SQL注入漏洞

Online Tours & Travels Management System is an online travel management system by Mayuri K. Personal developer. A SQL injection vulnerability exists in Online Tours & Travels Management System v1.0, which originates from a lack of validation of externally entered SQL statements in the id paramete...

PT-2022-25197 · Unknown · Online Tours & Travels Management System

Name of the Vulnerable Software and Affected Versions: Online Tours & Travels Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the id parameter at the "/tour/admin/update payment.php" API endpoint...