Nexus: A New Rising Android Banking Trojan Targeting 450 Financial Apps
An emerging Android banking trojan dubbed Nexus has already been adopted by several threat actors to target 450 financial applications...
2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks
In 2022 alone, global cyberattacks increased by 38%, resulting in substantial business loss, including financial and reputational damage. Meanwhile, corporate...
LockBit 3.0 Ransomware Victim: trudi[.]it
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Medicine Tracker System security bypass | CVE-2023-1464
NAME__________Medicine Tracker System security bypassPlatforms Affected:Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Medicine Tracker System could allow a remote attacker to bypass security restrictions,...
Student Study Center Desk Management System directory traversal | CVE-2023-1467
NAME__________Student Study Center Desk Management System directory traversalPlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Student Study Center Desk Management System could allow a...
Student Study Center Desk Management System SQL injection | CVE-2023-1468
NAME__________Student Study Center Desk Management System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Student Study Center Desk Management System is vulnerable to...
REBUILD SQL injection | CVE-2023-1495
NAME__________REBUILD SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________REBUILD is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL...
Student Study Center Desk Management System SQL injection | CVE-2023-1466
NAME__________Student Study Center Desk Management System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Student Study Center Desk Management System is vulnerable to...
WP Express Checkout Plugin for WordPress cross-site scripting | CVE-2023-1469
NAME__________WP Express Checkout Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WP Express Checkout Plugin for WordPress 2.2.8Risk Level:4.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________WP Express...
TeamPass security bypass | CVE-2023-1463
NAME__________TeamPass security bypassPlatforms Affected:Teampass Teampass 3.0.0.22Risk Level:6.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________TeamPass could allow a remote authenticated attacker to bypass security restrictions, caused...
IBOS SQL injection | CVE-2023-1494
NAME__________IBOS SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________IBOS is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL...
eCommerce Product Catalog Plugin for WordPress cross-site scripting | CVE-2023-1470
NAME__________eCommerce Product Catalog Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress eCommerce Product Catalog Plugin for WordPress 3.3.8Risk Level:4.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________eCommerce Product...
VMware Tanzu Spring Framework denial of service | CVE-2023-20861
NAME__________VMware Tanzu Spring Framework denial of servicePlatforms Affected:VMware Tanzu Spring Framework 5.2.0 VMware Tanzu Spring Framework 5.3.6 VMware Tanzu Spring...
WooCommerce Multiple Customer Addresses & Shipping Plugin for WordPress security bypass | CVE-2023-0865
NAME__________WooCommerce Multiple Customer Addresses & Shipping Plugin for WordPress security bypassPlatforms Affected:WordPress WooCommerce Multiple Customer Addresses & Shipping Plugin for...
Rapid7 InsightVM Security Console open redirect | CVE-2023-0681
NAME__________Rapid7 InsightVM Security Console open redirectPlatforms Affected:Rapid7 InsightVM 6.6.178Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Rapid7 InsightVM could allow a remote attacker to conduct...
Online Pizza Ordering System /php-opos/index.php SQL injection |
NAME__________Online Pizza Ordering System /php-opos/index.php SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Online Pizza Ordering System is vulnerable to SQL injection. A...
Simple Art Gallery SQL injection | CVE-2023-1499
NAME__________Simple Art Gallery SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Simple Art Gallery is vulnerable to SQL injection. A remote authenticated attacker...
Simple and Nice Shopping Cart Script file upload | CVE-2023-1497
NAME__________Simple and Nice Shopping Cart Script file uploadPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Simple and Nice Shopping Cart Script could allow a...
MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosure | CVE-2022-45634
NAME__________MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosurePlatforms Affected:Risk Level:7.5Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________MEGAFEIS, BOFEI DBD+ Application for...
Responsive Hotel Site SQL injection | CVE-2023-1498
NAME__________Responsive Hotel Site SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Responsive Hotel Site is vulnerable to SQL injection. A remote authenticated attacker...
Human Resource Management System /hrm/controller/login.php SQL injection |
NAME__________Human Resource Management System /hrm/controller/login.php SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Human Resource Management System is vulnerable to SQL injection. A...
Slimstat Analytics Plugin for WordPress SQL injection | CVE-2023-0630
NAME__________Slimstat Analytics Plugin for WordPress SQL injectionPlatforms Affected:WordPress Slimstat Analytics Plugin for WordPress 4.9.3.2Risk Level:5.4Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Slimstat Analytics Plugin for...
IBM WebSphere Application Server cross-site scripting | CVE-2023-26283
NAME__________IBM WebSphere Application Server cross-site scriptingPlatforms Affected:IBM WebSphere Application Server 9.0Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________IBM WebSphere Application Server 9.0 is vulnerable...
IBM QRadar SIEM privilege escalation | CVE-2022-43863
NAME__________IBM QRadar SIEM privilege escalationPlatforms Affected:IBM Security QRadar SIEM 7.5 IBM Security QRadar SIEM 7.4.3Risk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________IBM QRadar SIEM...
