Aggregator

A vulnerability classified as critical has been found in xlock. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-1999-0038. Attacking locally is a requirement. Furthermore, there is an exploit available.

本文同步发表在 HamCQ 论坛：forum.hamcq.cn/d/4271 由于笔者比较社恐且不习惯直接喊话，因此在考 B 之前并未进行太多通联。在考取 B 证后笔者成为了社畜，加上住处电磁环境复杂导致购买了设备之后也没怎么使用过，直到前几天才在学弟的鼓励下开始尝试 FT8 通联，遇到了以下情况： 笔者苦于协谷 X6100 原生固件的不足，也没钱没空间买新的设备，因此希望寻找改进协谷 X6100 固件的方法，在一番搜索过后，笔者找到了协谷 X6100 的替代固件并兴致勃勃地摸索它的功能。笔者希望能趁着这股新鲜劲对业余无线电的一些基础知识和设备使用进行学习，本文则尝试简单介绍一下该替代固件和...

...

本文同步发表在 HamCQ 论坛：https://forum.hamcq.cn/d/4271由于笔者比较社恐且不习惯直接喊话，因此在考 B 之前并未进行太多通联。在考取 B 证后笔者成为了社畜，

A vulnerability classified as critical was found in zhenfeng13 My-Blog 1.0. Affected by this vulnerability is the function upload of the file src/main/java/com/site/blog/my/core/controller/admin/uploadController. java. The manipulation of the argument file leads to unrestricted upload. This vulnerability is known as CVE-2024-13145. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in zhenfeng13 My-Blog 1.0. Affected is the function uploadFileByEditomd of the file src/main/java/com/site/blog/my/core/controller/admin/BlogController.java. The manipulation of the argument editormd-image-file leads to unrestricted upload. This vulnerability is traded as CVE-2024-13144. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Submit #469221 / VDB-290233

Submit #469220 / VDB-290232

A vulnerability was found in ZeroWdd studentmanager 1.0. It has been rated as problematic. This issue affects the function submitAddPermission of the file src/main/java/com/zero/system/controller/PermissionController. java. The manipulation of the argument url leads to cross site scripting. The identification of this vulnerability is CVE-2024-13143. The attack may be initiated remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

A vulnerability was found in ZeroWdd studentmanager 1.0. It has been declared as problematic. This vulnerability affects the function submitAddRole of the file src/main/java/com/zero/system/controller/RoleController. java. The manipulation of the argument name leads to cross site scripting. This vulnerability was named CVE-2024-13142. The attack can be initiated remotely. There is no exploit available.

Submit #469217 / VDB-290231

Submit #469213 / VDB-290230

di Marco SchiaffinoPotrebbe essere una delle operazioni di cyber-spionaggio più clamorose di sempre.

A vulnerability was found in Kaspersky Anti-Virus up to 8.0.4. It has been rated as problematic. This issue affects some unknown processing. The manipulation of the argument scriptName as part of Parameter leads to cross site scripting. The identification of this vulnerability is CVE-2017-9813. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

分析仿冒浏览器更新脚本安装CS木马

A vulnerability, which was classified as problematic, was found in Bolt up to 2.2.4. This affects an unknown part of the component Theme Editor. The manipulation leads to injection. This vulnerability is uniquely identified as CVE-2015-7309. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.