Aggregator

A vulnerability has been found in Rianxosencabos CMS 0.9 and classified as critical. This vulnerability affects unknown code of the file useradmin.php of the component Control Panel. The manipulation leads to improper access controls. This vulnerability was named CVE-2008-4245. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Knowledgebase-script PHPKB Knowledge Base Software 1.5. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file email.php. The manipulation of the argument ID leads to sql injection. This vulnerability is known as CVE-2008-5088. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability has been found in 6rbScript 3.3 and classified as critical. Affected by this vulnerability is an unknown functionality of the file section.php. The manipulation leads to sql injection. This vulnerability is known as CVE-2008-6454. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Dieselscripts Diesel Job Site. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to sql injection. This vulnerability is handled as CVE-2008-6467. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Epic Games Unreal Tournament 3 up to 1.2. Affected by this issue is some unknown functionality of the component WebAdmin. The manipulation leads to path traversal. This vulnerability is handled as CVE-2008-4243. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in jPORTAL 2. This vulnerability affects unknown code of the file humor.php. The manipulation leads to sql injection. This vulnerability was named CVE-2008-6451. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Mevin Basic-php-events-lister 1.0 and classified as critical. This issue affects some unknown processing of the file event.php. The manipulation leads to sql injection. The identification of this vulnerability is CVE-2008-6464. The attack may be initiated remotely. Furthermore, there is an exploit available.

Возможность оценить угрозы, ещё до того как они станут реальными.

奇安信威胁情报中心发现，新海莲花组织APT-Q-31近期重新活跃，并采用MSI文件滥用的新手法，这是首次在国内针对政企的APT活动中捕获到该技术的使用。海莲花的两个攻击集合共享攻击资源，但TTP完全不同。上次新海莲花的活跃是2023年末。

Google said it discovered a zero-day vulnerability in the SQLite open-source database engine using its large language model (LLM) assisted framework called Big Sleep (formerly Project Naptime). The tech giant described the development as the "first real-world vulnerability" uncovered using the artificial intelligence (AI) agent. "We believe this is the first public example of an AI agent finding

Куда ведут следы похищенных из Git данных?

根据 GitHub 的年度开发者报告，Python 取代 JavaScript 成为 GitHub 最受欢迎的语言，而印度将在 2028 年超过美国成为 GitHub 开发者人数最多的国家。GitHub 称 AI 并没有取代程序员的工作，而是推动了更多人用他们的母语写代码。2024 年 GitHub 上生成式 AI 项目贡献量增长 59%，项目总数增长 98%，许多贡献来自印度、德国、日本和新加坡等国。美国开发者人数仍然最多，其次是印度、中国、巴西、英国、俄罗斯、德国、印度尼西亚、日本和加拿大。GitHub 目前有 5.18 亿个项目，同比增长 25%。

A vulnerability, which was classified as critical, has been found in Codezips Free Exam Hall Seating Management System 1.0. This issue affects some unknown processing of the file /pages/save_user.php. The manipulation of the argument image leads to unrestricted upload. The identification of this vulnerability is CVE-2024-10766. The attack may be initiated remotely. Furthermore, there is an exploit available. The initial researcher disclosure contains confusing vulnerability classes and file names.

今年9月份EdgeOne Pages低调上线了！该功能基于EdgeOne边缘安全加速，提供了静动态WEB平台的部署。EdgeOne是腾讯云最近几年比较力推的服务，提供国内版和海外版。 本文主要演...

梆梆安全成为中国网络空间安全协会个人信息保护专业委员会首批成员单位 日期：2024年11月04日 阅：27

梆梆安全出席2024中韩个人信息合作论坛 多维度阐述个人信息保护策略 日期：2024年11月04日 阅：26

A vulnerability classified as critical was found in Codezips Online Institute Management System up to 1.0. This vulnerability affects unknown code of the file /profile.php. The manipulation of the argument old_image leads to unrestricted upload. This vulnerability was named CVE-2024-10765. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Codezips Online Institute Management System 1.0. This affects an unknown part of the file /pages/save_user.php. The manipulation of the argument image leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2024-10764. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #436478 / VDB-282953