RedPacket Security - InfoSec News & Tutorials

Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data

February 6, 2024

Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented threat...

How a $10B Enterprise Customer Drastically Increased their SaaS Security Posture with 201% ROI by Using SSPM

February 6, 2024

SaaS applications are the darlings of the software world. They enable work from anywhere, facilitate collaboration, and offer a cost-effective...

LockBit 3.0 Ransomware Victim: logtainer[.]com

February 6, 2024

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

BA Plus Plugin for WordPress cross-site scripting | CVE-2024-22286

February 6, 2024

NAME__________BA Plus Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress BA Plus Plugin for WordPress 1.0.3Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________BA Plus Plugin for...

Post views Stats Plugin for WordPress cross-site scripting | CVE-2024-22289

February 6, 2024

NAME__________Post views Stats Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Post views Stats Plugin for WordPress 1.3Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Post views...

QNAP Photo Station cross-site scripting | CVE-2023-47561

February 6, 2024

NAME__________QNAP Photo Station cross-site scriptingPlatforms Affected:QNAP Photo Station 6.4Risk Level:5.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________QNAP Photo Station is vulnerable to cross-site scripting, caused...

Testimonial Page Manager cross-site scripting | CVE-2024-1196

February 6, 2024

NAME__________Testimonial Page Manager cross-site scriptingPlatforms Affected:Sourcecodester Testimonial Page Manager 1.0Risk Level:4.3Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Testimonial Page Manager is vulnerable to cross-site scripting,...

QNAP QTS, QuTS hero and QuTScloud directory traversal | CVE-2023-45026

February 6, 2024

NAME__________QNAP QTS, QuTS hero and QuTScloud directory traversalPlatforms Affected:QNAP QTS 5.1 QNAP QuTS hero h5.1 QNAP QuTScloud c5.1Risk Level:6.8Exploitability:UnprovenConsequences:Obtain Information...

TP-LINK TL-WR740N Wireless N Router HTML injection |

February 6, 2024

NAME__________TP-LINK TL-WR740N Wireless N Router HTML injectionPlatforms Affected:TP-LINK TL-WR740NRisk Level:6.5Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________TP-LINK TL-WR740N Wireless N Router is vulnerable to HTML...

Contact Form builder with drag & drop – Kali Forms Plugin for WordPress security bypass | CVE-2024-22305

February 6, 2024

NAME__________Contact Form builder with drag & drop - Kali Forms Plugin for WordPress security bypassPlatforms Affected:WordPress Contact Form builder with...

QNAP QTS, QuTS hero and QuTScloud buffer overflow | CVE-2023-41292

February 6, 2024

NAME__________QNAP QTS, QuTS hero and QuTScloud buffer overflowPlatforms Affected:QNAP QTS 5.1 QNAP QuTS hero h5.1 QNAP QuTScloud c5.1Risk Level:3.8Exploitability:UnprovenConsequences:Gain Access...

iTop VPN denial of service | CVE-2024-1195

February 6, 2024

NAME__________iTop VPN denial of servicePlatforms Affected:iTop VPN iTop VPN 4.0.0.1 iTop VPN iTop VPN 4.0.0.0Risk Level:5.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________iTop VPN...

OpenBI code execution | CVE-2024-1198

February 6, 2024

NAME__________OpenBI code executionPlatforms Affected:OpenBI OpenBI 1.0.8 OpenBI OpenBI 1.0.7Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________OpenBI could allow a remote authenticated attacker to execute...

QNAP QTS, QuTS hero and QuTScloud command execution | CVE-2023-41282

February 6, 2024

NAME__________QNAP QTS, QuTS hero and QuTScloud command executionPlatforms Affected:Risk Level:5.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________QNAP QTS, QuTS hero and QuTScloud could allow a...

Testimonial Page Manager SQL injection | CVE-2024-1197

February 6, 2024

NAME__________Testimonial Page Manager SQL injectionPlatforms Affected:Sourcecodester Testimonial Page Manager 1.0Risk Level:7.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Testimonial Page Manager is vulnerable to SQL injection....

AntiSamy cross-site scripting | CVE-2024-23635

February 6, 2024

NAME__________AntiSamy cross-site scriptingPlatforms Affected:AntiSamy AntiSamy 1.7.4Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________AntiSamy is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed