EUVD-2026-17508

A vulnerability was found in CMS Made Simple up to 2.2.22. This impacts the function copyFilesToFolder in the library modules/UserGuide/lib/class.UserGuideImporterExporter.php of the component UserGuide Module XML Import. The manipulation results in path traversal. It is possible to launch the...

CVE-2026-5203

A vulnerability was found in CMS Made Simple up to 2.2.22. This impacts the function copyFilesToFolder in the library modules/UserGuide/lib/class.UserGuideImporterExporter.php of the component UserGuide Module XML Import. The manipulation results in path traversal. It is possible to launch the...

CVE-2025-54303

The CVE-2025-54303 entry concerns Thermo Fisher Torrent Suite Django application 5.18.1 with weak default credentials stored as Django ORM fixtures. The ionadmin account can authenticate to default deployments using the password ionadmin, and there is no enforced policy to require changing defaul...

Appliance Installer Error: "An unknown error has occured"

Challenge When installing a Veeam Infrastructure Appliance on a physical or virtual machine using a bootable USB device created from the JeOS ISO file, the following error occurs: An unknown error has occurred Cause This problem happens during installation, following the disk partitioning step, a...

EUVD-2017-18075

Malware in sbrugna...

MAL-2024-11009 Malicious code in ssc-user-guide-pro (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b28cdf39e031f4bad55901266218e082e89ddc065dddc3334657fbaf84b7045b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in ssc-user-guide-pro (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b28cdf39e031f4bad55901266218e082e89ddc065dddc3334657fbaf84b7045b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Release Information for Veeam Backup for Nutanix AHV 6.1

This update has been superseded by Veeam Backup for Nutanix AHV 7.0, which was released alongside and supports only Veeam Backup & Replication 12.3. Requirements To upgrade to Veeam Backup for Nutanix AHV 6.1, download the installer below and run it on the Veeam Backup & Replication server that...

tomtom-user-guide.s3-website-us-west-2.amazonaws.com Cross Site Scripting vulnerability OBB-3848810

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update

An update is now available for Red Hat Ansible Automation Platform 2.4 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

WordPress Custom User Guide Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Custom User Guide Type Plugin Vulnerable versions = 1.0.1 Fixed in 1.1.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 73064f77dce5 Credits Rafie Muhammad Patchstack...

Artemis - A Modular Web Reconnaissance Tool And Vulnerability Scanner

A modular web reconnaissance tool and vulnerability scanner based on Karton https://github.com/CERT-Polska/karton. The Artemis project has been initiated by the KN Cyber science club of Warsaw University of Technology and is currently being maintained by CERT Polska. Artemis is experimental...

Schneider Electric PowerLogic ION7400 / PM8000 / ION8650 / ION8800 / ION9000 Power Meters Cleartext Transmission of Sensitive Information (CVE-2022-46680)

A CWE-319: Cleartext transmission of sensitive information vulnerability exists that could cause disclosure of sensitive information, denial of service, or modification of data if an attacker is able to intercept network traffic. This plugin only works with Tenable.ot. Please visit...

Release Information for Veeam Backup for Google Cloud 4 Patch 1

Requirements Before installing this patch, please confirm that you are running Veeam Backup for Google Cloud 4 build 4.0.0.1072. You can check your build number under Configuration | Support Information | About | Server version by clicking the gear icon at the top-right corner of the main menu in...

Decider - A Web Application That Assists Network Defenders, Analysts, And Researcher In The Process Of Mapping Adversary Behaviors To The MITRE ATT&CK Framework

What is it? The Short A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework. The Long Decider is a tool to help analysts map adversary behavior to the MITRE ATT&CK framework. Decider makes creating...

Error When Adding Veeam Backup for Microsoft 365 to Veeam ONE

Challenge When attempting to add Veeam Backup for Microsoft 365 to Veeam ONE, either of the following error occurs: Failed to connect to "localhost".404 Not Found Failed to add the Veeam Backup for Microsoft 365 server. The server version is not supported. Cause Both errors occur for the same...

WordPress Custom User Guide plugin <= 1.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Custom User Guide plugin versions = 1.0. Solution Update the WordPress Custom User Guide plugin to the latest available version at least 1.0.1...

WordPress Custom User Guide plugin <= 1.0 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Custom User Guide plugin versions = 1.0. Solution Update the WordPress Custom User Guide plugin to the latest available version at least 1.0.1...

FACT - A Tool To Collect, Process And Visualise Forensic Data From Clusters Of Machines Running In The Cloud Or On-Premise

FACT is a tool to collect, process and visualise forensic data from clusters of machines running in the cloud or on-premise. Deployment For a basic single-node deployment, we recommend using Docker and Docker Compose. First, read docker-compose.yaml for configuration and requirements. Then, start...

Gargamel - A Forensic Evidence Acquirer

A Forensic Evidence Acquirer Compile Assuming you have Rust 1.41+ installed. Open terminal in the project directory and to compile a release build type cargo build --release Debug build can be compiled using cargo build Compiled executable is located at target/release/gargamel.exe or...