Codezips E-Commerce Website 注入漏洞

Codezips E-Commerce Website is an open source e-commerce website by Codezips. An injection vulnerability exists in Codezips E-Commerce Website version 1.0, which originates from an SQL injection in the parameter email...

Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker

Cybersecurity researchers have discovered a credit card skimmer that's concealed within a fake Meta Pixel tracker script in an attempt to evade detection. Sucuri said that the malware is injected into websites through tools that allow for custom code, such as WordPress plugins like Simple Custom...

PHPJabbers Cleaning Business Software 1.0 Cross Site Scripting

Exploit Title: PHPJabbers Cleaning Business Software v1.0 - Multiple Stored XSS Date: 19/12/2023 Exploit Author: BugsBD Limited Discover by: Rahad Chowdhury Vendor Homepage: https://www.phpjabbers.com/ Software Link: https://www.phpjabbers.com/cleaning-business-software/sectionDemo Version: v1.0...

Ekushey Project Manager CRM 5.0 Cross Site Scripting

Exploit Title: Ekushey Project Manager CRM 5.0 - Stored XSS Exploit Author: CraCkEr Vendor: Creativeitem Vendor Homepage: https://creativeitem.com/ Software Link: https://demo.creativeitem.com/ekushey/ Tested on: Windows 10 Pro Impact: Manipulate the content of the site Description Allow Attacker...

Microsoft Windows 10 scrrun.dll Active-X Creation / Deletion Issues

Title: Windows 10 'scrrun.dll' Multiple vulnerabilities Author: Nassim Asrir Contact: [email protected] / https://www.linkedin.com/in/nassim-asrir-b73a57122/ Vendor: https://www.microsoft.com/ Test ENV: ======== Browser : IE 11 OS: Windows 10 - x64 Details: ======== scrrun.dll...