Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2022-30458: automotive/xss.md at main · mikeccltt/automotive

Automotive Shop Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /asms/classes/Master.php?f=save_product, name.

CVE
#xss#vulnerability#windows#js#java#php#firefox
CVE-2022-30460: sns_bug_report/xss.md at main · mikeccltt/sns_bug_report

Simple Social Networking Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /sns/classes/Users.php?f=save, firstname.

CVE-2022-30459: chatbot/sql.md at main · mikeccltt/chatbot

ChatBot App with Suggestion in PHP/OOP v1.0 is vulnerable to SQL Injection via /simple_chat_bot/classes/Master.php?f=delete_response, id.

CVE-2022-30461: wbms_bug_report/sql.md at main · mikeccltt/wbms_bug_report

Water-billing-management-system v1.0 is vulnerable to SQL Injection via /wbms/classes/Master.php?f=delete_client, id

CVE-2022-30456: badminton-center-management-system/badminton-center-management-system-xss.md at main · mikeccltt/badminton-center-management-system

Badminton Center Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via /bcms/classes/Master.php?f=save_court_rental.

CVE-2022-30454: bug_report/SQL-1.md at main · mikeccltt/bug_report

Merchandise Online Store 1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_product.

Malware Analysis: Trickbot

In this day and age, we are not dealing with roughly pieced together, homebrew type of viruses anymore. Malware is an industry, and professional developers are found to exchange, be it by stealing one's code or deliberate collaboration. Attacks are multi-layer these days, with diverse sophisticated software apps taking over different jobs along the attack-chain from initial compromise to

Unknown APT group has targeted Russia repeatedly since Ukraine invasion

An in-depth look at the attack chain used by an unknown APT group that has launched four campaigns against Russian targets since February. The post Unknown APT group has targeted Russia repeatedly since Ukraine invasion appeared first on Malwarebytes Labs.

CVE-2022-1840: webray.com.cn/Home Clean Services Management System Stored Cross-Site Scripting(XSS).md at main · Xor-Gerke/webray.com.cn

A vulnerability, which was classified as problematic, has been found in Home Clean Services Management System 1.0. This issue affects register.php?link=registerand. The manipulation with the input <script>alert(1)</script> leads to cross site scripting. The attack may be initiated remotely but demands authentication. Exploit details have been disclosed to the public.