RedPacket Security - InfoSec News & Tutorials

Akira Ransomware Victim: New York & Company

September 5, 2023

NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...

Ninja Forms Plugin for WordPress cross-site scripting | CVE-2023-4150

September 5, 2023

NAME__________Ninja Forms Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Ninja Forms Plugin for WordPress 3.6.25Risk Level:4.8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Ninja Forms Plugin for...

User Activity Tracking and Log Plugin for WordPress cross-site request forgery | CVE-2023-4150

September 5, 2023

NAME__________User Activity Tracking and Log Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress User Activity Tracking and Log Plugin for WordPress...

IBM Sterling Secure Proxy information disclosure | CVE-2023-32338

September 5, 2023

NAME__________IBM Sterling Secure Proxy information disclosurePlatforms Affected:IBM Sterling Secure Proxy 6.0.3 IBM Sterling External Authentication Server 6.0.3 IBM Sterling External...

Realgimm file upload | CVE-2023-41638

September 5, 2023

NAME__________Realgimm file uploadPlatforms Affected:GruppoSCAI RealGimm 1.1.37p38Risk Level:5.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Realgimm could allow a remote attacker to upload arbitrary files, caused by...

GPAC denial of service | CVE-2023-4678

September 5, 2023

NAME__________GPAC denial of servicePlatforms Affected:GPAC GPAC 2.3-DEV-revreleaseRisk Level:4.4Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________GPAC is vulnerable to a denial of service,...

IBM Sterling Secure Proxy information disclosure | CVE-2023-29261

September 5, 2023

NAME__________IBM Sterling Secure Proxy information disclosurePlatforms Affected:IBM Sterling External Authentication Server 6.0.3 IBM Sterling External Authentication Server 6.1.0Risk Level:5.1Exploitability:UnprovenConsequences:Obtain Information...

Realgimm file upload | CVE-2023-41637

September 5, 2023

NAME__________Realgimm file uploadPlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________Realgimm could allow a remote attacker to upload arbitrary files, caused by the improper...

Realgimm SQL injection | CVE-2023-41636

September 5, 2023

NAME__________Realgimm SQL injectionPlatforms Affected:GruppoSCAI RealGimm 1.1.37p38Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Realgimm is vulnerable to SQL injection. A remote attacker could send specially-crafted...

Realgimm XML External Entity Injection (XXE) information disclosure | CVE-2023-41635

September 5, 2023

NAME__________Realgimm XML External Entity Injection (XXE) information disclosurePlatforms Affected:GruppoSCAI RealGimm 1.1.37p38Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Realgimm is vulnerable to an XML External...

Realgimm SQL Injection | CVE-2023-41640

September 5, 2023

NAME__________Realgimm SQL InjectionPlatforms Affected:GruppoSCAI RealGimm 1.1.37p38Risk Level:6.5Exploitability:HighConsequences:Obtain Information DESCRIPTION__________Realgimm is vulnerable to SQL injection. A remote attacker could send specially-crafted...

Waiting: One-click countdowns Plugin for cross-site request forgery, | CVE-2023-4000

September 5, 2023

NAME__________Waiting: One-click countdowns Plugin for cross-site request forgery,Platforms Affected:WordPress One-click countdowns Plugin for WordPress 0.6.2Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Waiting: One-click countdowns...

IBM Security Guardium denial of service | CVE-2022-43903

September 5, 2023

NAME__________IBM Security Guardium denial of servicePlatforms Affected:IBM Security Guardium 10.6 IBM Security Guardium 11.3 IBM Security Guardium 11.4Risk Level:4.3Exploitability:UnprovenConsequences:Denial of...

catdoc denial of service | CVE-2023-41633

September 5, 2023

NAME__________catdoc denial of servicePlatforms Affected:Catdoc Catdoc 0.95Risk Level:5.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________catdoc is vulnerable to a denial of service, caused by...

123.chat plugin for WordPress cross-site scripting | CVE-2023-4298

September 5, 2023

NAME__________123.chat plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Floating Chat Widget Plugin for WordPress 3.1.1Risk Level:4.8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________123.chat plugin for WordPress...

Realgimm cross-site scripting | CVE-2023-41642

September 5, 2023

NAME__________Realgimm cross-site scriptingPlatforms Affected:GruppoSCAI RealGimm 1.1.37p38Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Realgimm is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

Infosoftbd infosoftbd cross-site scripting | CVE-2023-4707

September 5, 2023

NAME__________Infosoftbd infosoftbd cross-site scriptingPlatforms Affected:Infosoftbd Clcknshop 1.0.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Infosoftbd infosoftbd is vulnerable to cross-site scripting, caused by improper validation...

TOTVS RM cross-site scripting | CVE-2023-4710

September 5, 2023

NAME__________TOTVS RM cross-site scriptingPlatforms Affected:TOTVS TOTVS RM 12.1Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________TOTVS RM is vulnerable to cross-site scripting, caused by improper...

IBM Business Automation Workflow cross-site scripting | CVE-2023-33858

September 5, 2023

NAME__________IBM Business Automation Workflow cross-site scriptingPlatforms Affected:IBM Business Automation Workflow containers 20.0.0.1 IBM Business Automation Workflow traditional 19.0.0.1 IBM Business...

Usermin cross-site scripting | CVE-2023-41163

September 5, 2023

NAME__________Usermin cross-site scriptingPlatforms Affected:Usermin Usermin 2.0Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Usermin is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed