SCARLETEEL Cryptojacking Campaign Exploiting AWS Fargate in Ongoing Campaign
Cloud environments continue to be at the receiving end of an ongoing advanced attack campaign dubbed SCARLETEEL, with the threat...
Akira Ransomware Victim: Green Diamond
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Hamre Schumann Muell er & Larson HSML
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: 4LEAF, Inc
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: panoramaeyecare[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Metersphere code execution | CVE-2023-35937
NAME__________Metersphere code executionPlatforms Affected:metersphere metersphere 2.10.1 LTSRisk Level:6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Metersphere could allow a remote authenticated attacker to execute arbitrary code...
Novu open redirect | CVE-2023-35948
NAME__________Novu open redirectPlatforms Affected:Novu Novu 0.15Risk Level:5.4Exploitability:UnprovenConsequences:Other DESCRIPTION__________Novu could allow a remote attacker to conduct phishing attacks, caused by an...
Sourcecodester Shopping Website SQL injection | CVE-2023-3534
NAME__________Sourcecodester Shopping Website SQL injectionPlatforms Affected:Sourcecodester Shopping Website 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Sourcecodester Shopping Website is vulnerable to SQL injection. A...
Drogon response splitting | CVE-2023-26138
NAME__________Drogon response splittingPlatforms Affected:Drogon Drogon 1.8.4 Drogon Drogon 1.8.3 Drogon Drogon 1.8.2 Drogon Drogon 1.8.1 Drogon Drogon 1.8.0Risk Level:7.2Exploitability:UnprovenConsequences:Data Manipulation...
yt-dlp information disclosure | CVE-2023-35934
NAME__________yt-dlp information disclosurePlatforms Affected:yt-dlp yt-dlpRisk Level:6.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________yt-dlp could allow a remote attacker to obtain sensitive information. By sending a...
SimplePHPscripts Photo Gallery PHP cross-site scripting | CVE-2023-3538
NAME__________SimplePHPscripts Photo Gallery PHP cross-site scriptingPlatforms Affected:SimplePHPscripts Photo Gallery PHP 2.0Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SimplePHPscripts Photo Gallery PHP is vulnerable to...
GZ Scripts Availability Booking Calendar PHP cross-site scripting | CVE-2023-3543
NAME__________GZ Scripts Availability Booking Calendar PHP cross-site scriptingPlatforms Affected:GZ Scripts Availability Booking Calendar PHP 1.8Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________GZ Scripts Availability...
Zoho ManageEngine ADAudit Plus cross-site scripting | CVE-2023-37308
NAME__________Zoho ManageEngine ADAudit Plus cross-site scriptingPlatforms Affected:Zoho ManageEngine ADAudit Plus 7091Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Zoho ManageEngine ADAudit Plus is vulnerable to...
SimplePHPscripts Funeral Script PHP cross-site scripting | CVE-2023-3536
NAME__________SimplePHPscripts Funeral Script PHP cross-site scriptingPlatforms Affected:SimplePHPscripts Funeral Script PHP 3.1Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SimplePHPscripts Funeral Script PHP is vulnerable to...
Tekton Pipelines security bypass | CVE-2023-37264
NAME__________Tekton Pipelines security bypassPlatforms Affected:Tekton Pipelines 0.35.0Risk Level:3.7Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Tekton Pipelines could allow a remote authenticated attacker to bypass security...
Samsung Mobile directory traversal | CVE-2023-30678
NAME__________Samsung Mobile directory traversalPlatforms Affected:Samsung mobile devicesRisk Level:5.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Samsung Mobile could allow a local attacker to traverse directories on...
ThinuTech ThinuCMS cross-site scripting | CVE-2023-3542
NAME__________ThinuTech ThinuCMS cross-site scriptingPlatforms Affected:ThinuTech ThinuCMS 1.5Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________ThinuTech ThinuCMS is vulnerable to cross-site scripting, caused by improper validation...
SimplePHPscripts NewsLetter Script PHP cross-site scripting | CVE-2023-3540
NAME__________SimplePHPscripts NewsLetter Script PHP cross-site scriptingPlatforms Affected:SimplePHPscripts NewsLetter Script PHP 2.4Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SimplePHPscripts NewsLetter Script PHP is vulnerable to...
Faculty Evaluation System SQL injection |
NAME__________Faculty Evaluation System SQL injectionPlatforms Affected:Faculty Evaluation System Faculty Evaluation System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Faculty Evaluation System is vulnerable to...
GZ Scripts Time Slot Booking Calendar PHP cross-site scripting | CVE-2023-3544
NAME__________GZ Scripts Time Slot Booking Calendar PHP cross-site scriptingPlatforms Affected:GZ Scripts Time Slot Booking Calendar PHP 1.8Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________GZ...
SimplePHPscripts News Script PHP Pro cross-site scripting | CVE-2023-3537
NAME__________SimplePHPscripts News Script PHP Pro cross-site scriptingPlatforms Affected:SimplePHPscripts News Script PHP Pro 2.4Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SimplePHPscripts News Script PHP Pro...
Winter CMS cross-site scripting | CVE-2023-37269
NAME__________Winter CMS cross-site scriptingPlatforms Affected:Winter CMS Winter CMS 1.2.2Risk Level:2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Winter CMS is vulnerable to cross-site scripting, caused by...
ThinuTech ThinuCMS cross-site scripting | CVE-2023-3541
NAME__________ThinuTech ThinuCMS cross-site scriptingPlatforms Affected:ThinuTech ThinuCMS 1.5Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________ThinuTech ThinuCMS is vulnerable to cross-site scripting, caused by improper validation...
SimplePHPscripts FAQ Script PHP cross-site scripting | CVE-2023-3535
NAME__________SimplePHPscripts FAQ Script PHP cross-site scriptingPlatforms Affected:SimplePHPscripts FAQ Script PHP 2.3Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SimplePHPscripts FAQ Script PHP is vulnerable to...
