#php

UBM CMS version 1.2 suffers from an insecure direct object reference vulnerability.

TAIF LMS version 5.8.0 suffers from a remote shell upload vulnerability.

Webdenim AppUI version 1.0 suffers from an insecure direct object reference vulnerability.

LMS ZAI version 6.1 suffers from an ignored default credential vulnerability.

Quick Job version 2.4 suffers from an insecure direct object reference vulnerability.

PPDB ONLINE version 1.3 appears to suffer from an administrative page disclosure issue.

PHP MaXiMuS version 2.5.2 suffers from a cross site scripting vulnerability.

NUKE SENTINEL version 2.5.2 suffers from a cross site scripting vulnerability.

eDesign CMS version 2.0 suffers from an insecure direct object reference vulnerability.

Threat actors have been observed using swap files in compromised websites to conceal a persistent credit card skimmer and harvest payment information. The sneaky technique, observed by Sucuri on a Magento e-commerce site's checkout page, allowed the malware to survive multiple cleanup attempts, the company said. The skimmer is designed to capture all the data into the credit card form on the