RedPacket Security - InfoSec News & Tutorials

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

March 26, 2024

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

Akira Ransomware Victim: Calida

March 26, 2024

NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...

Akira Ransomware Victim: European Centre for Compensation

March 26, 2024

NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...

Akira Ransomware Victim: Vita IT

March 26, 2024

NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...

Sentrifugo cross-site scripting | CVE-2024-29877

March 26, 2024

NAME__________Sentrifugo cross-site scriptingPlatforms Affected:Sentrifugo Sentrifugo 3.2Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Sentrifugo is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

Advantech WebAccess/SCADA SQL injection | CVE-2024-2453

March 26, 2024

NAME__________Advantech WebAccess/SCADA SQL injectionPlatforms Affected:Advantech WebAccess/SCADA 9.1.5URisk Level:6.4Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Advantech WebAccess/SCADA is vulnerable to SQL injection. A remote authenticated attacker...

GitHub Enterprise Server cross-site request forgery | CVE-2024-2748

March 26, 2024

NAME__________GitHub Enterprise Server cross-site request forgeryPlatforms Affected:GitHub Enterprise Server 3.12.0Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________GitHub Enterprise Server is vulnerable to cross-site request...

Sentrifugo cross-site scripting | CVE-2024-29879

March 26, 2024

Logpoint cross-site scripting | CVE-2024-29865

March 26, 2024

NAME__________Logpoint cross-site scriptingPlatforms Affected:Logpoint Logpoint 7.0.1Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Logpoint is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

Sentrifugo cross-site scripting | CVE-2024-29878

March 26, 2024

Datalust Seq privilege escalation | CVE-2024-29866

March 26, 2024

NAME__________Datalust Seq privilege escalationPlatforms Affected:Datalust SeqRisk Level:7.2Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Datalust Seq could allow a remote authenticated attacker to gain elevated privileges...

JetBrains TeamCity privilege escalation | CVE-2024-29880

March 26, 2024

NAME__________JetBrains TeamCity privilege escalationPlatforms Affected:JetBrains TeamCityRisk Level:4.2Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________JetBrains TeamCity could allow a local authenticated attacker to gain elevated privileges...

Simple File Manager Web App file upload | CVE-2024-2849

March 26, 2024

NAME__________Simple File Manager Web App file uploadPlatforms Affected:Sourcecodester Simple File Manager Web App 1.0Risk Level:6.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Simple File...

Microsoft .NET Framework information disclosure | CVE-2024-29059

March 26, 2024

NAME__________Microsoft .NET Framework information disclosurePlatforms Affected:Microsoft Microsoft .NET Framework 4.8 4.8.0 Microsoft Microsoft .NET Framework 3.5 AND 4.8 4.8.0 Microsoft...

EmbedPress plugin for WordPress cross-site scripting | CVE-2024-2468

March 26, 2024

NAME__________EmbedPress plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WordPress WordPress EmbedPress Plugin for WordPress 3.9.5 WordPress EmbedPress Plugin for WordPress 3.9.8Risk...

Sourcecodester PHP Task Management System SQL injection | CVE-2024-29302

March 26, 2024

NAME__________Sourcecodester PHP Task Management System SQL injectionPlatforms Affected:SourceCodester PHP Task Management System 1.0Risk Level:5.4Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Sourcecodester PHP Task Management System...

WiX Toolset security bypass | CVE-2024-29188

March 26, 2024

NAME__________WiX Toolset security bypassPlatforms Affected:WiX Toolset WiX Toolset 4.0.4Risk Level:7.9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________WiX Toolset could allow a local authenticated attacker to...

Microsoft Edge (Chromium-based) spoofing | CVE-2024-29057

March 26, 2024

NAME__________Microsoft Edge (Chromium-based) spoofingPlatforms Affected:Microsoft Microsoft Edge (Chromium-based) 1.0.0Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Microsoft Edge (Chromium-based) could allow a remote attacker to...

Sourcecodester PHP Task Management System SQL injection | CVE-2024-29303

March 26, 2024

Microsoft Edge (Chromium-based) security bypass | CVE-2024-26247

March 26, 2024

NAME__________Microsoft Edge (Chromium-based) security bypassPlatforms Affected:Microsoft Microsoft Edge (Chromium-based) 1.0.0Risk Level:4.7Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Microsoft Edge (Chromium-based) could allow a remote attacker...

WiX Toolset privilege escalation | CVE-2024-29187

March 26, 2024

NAME__________WiX Toolset privilege escalationPlatforms Affected:WiX Toolset WiX Toolset 4.0.4Risk Level:7.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________WiX Toolset could allow a local authenticated attacker to...

Sourcecodester PHP Task Management System SQL injection | CVE-2024-29301

March 26, 2024

phpMyFAQ cross-site scripting | CVE-2024-28106

March 26, 2024

NAME__________phpMyFAQ cross-site scriptingPlatforms Affected:phpMyFAQ phpMyFAQ 3.2.5Risk Level:4.3Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________phpMyFAQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

phpMyFAQ file upload | CVE-2024-28105

March 26, 2024

NAME__________phpMyFAQ file uploadPlatforms Affected:phpMyFAQ phpMyFAQ 3.2.5Risk Level:7.2Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________phpMyFAQ could allow a remote authenticated attacker to upload arbitrary files caused...

Main Story

Fortifying the Supply Chain through Practical Security for Modern Organizations

Security Awareness Training that Works for Changing Employee Behavior

Editor’s Picks

Trending Story

Featured Story

You may have missed