Lucene search
K

6 matches found

Malwarebytes
Malwarebytes
added 2026/06/12 9:27 a.m.16 views

Fake verification pages are stealing Steam accounts from players

Online gamers should watch out for a convincing scam that aims to steal your Steam account. The scam uses fake FACEIT verification pages that look legitimate, complete with official branding, working links, and what appears to be a real Steam login window. By the time it asks for your password,...

5.5AI score
Exploits0
CVE
CVE
added 2026/05/29 12:59 p.m.29 views

CVE-2026-47696

WWBN AVideo (29.0 and earlier) has a wallet-credit bypass in the AuthorizeNet processPayment.json.php endpoint. The code credits the logged-in user’s wallet based only on an attacker-controlled POST amount, using a TODO for real charging, hardcoded $paymentSuccess = true, and calling YPTWallet::a...

7.1CVSS5.9AI score0.0012EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.14 views

PT-2026-44849

Name of the Vulnerable Software and Affected Versions AVideo versions 29.0 and earlier Description An issue exists in the 'plugin/AuthorizeNet/processPayment.json.php' endpoint that allows any logged-in user to add arbitrary funds to their own wallet when the AuthorizeNet and YPTWallet plugins ar...

7.1CVSS6AI score0.0012EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/05/29 12:0 a.m.9 views

WWBN AVideo 安全漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 29.0 contained security vulnerabilities. These vulnerabilities stemmed from the plugin/AuthorizeNet/processPayment.json.php file, which only increased the logged-in user’s wallet...

7.1CVSS6AI score0.0012EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/01/17 2:22 a.m.4 views

CVE-2025-14450

The Wallet System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'changewalletfundrequeststatuscallback' function in all versions up to, and including, 2.7.2. This makes it possible for authenticated attackers, with...

6.5CVSS5.4AI score0.00214EPSS
Exploits0References5
Snyk
Snyk
added 2025/08/25 12:41 p.m.2 views

Malicious Package

Overview bittenso is a malicious package. This package contains malicious code, and its content was removed from the official package manager. The package appears to be part of a typosquatting campaign targeting the Bittensor ecosystem. The goal of the attackers is to steal cryptocurrency from...

9.3CVSS6.8AI score
Exploits0References3
Rows per page
Query Builder