Aggregator

CVE-2023-42121 | Control Web Panel improper authentication (ZDI-23-1478)

6 months 1 week ago

A vulnerability was found in Control Web Panel. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to improper authentication. This vulnerability is handled as CVE-2023-42121. The attack may be launched remotely. There is no exploit available.

vuldb.com

CVE-2023-42123 | Avast Premium Security sandbox (ZDI-23-1474)

Vuldb Updates

6 months 1 week ago

A vulnerability classified as critical was found in Avast Premium Security. This vulnerability affects unknown code. The manipulation leads to sandbox issue. This vulnerability was named CVE-2023-42123. An attack has to be approached locally. There is no exploit available.

vuldb.com

CVE-2023-42122 | Control Web Panel wloggui command injection (ZDI-23-1479)

Vuldb Updates

6 months 1 week ago

A vulnerability, which was classified as critical, was found in Control Web Panel. Affected is an unknown function of the component wloggui. The manipulation leads to command injection. This vulnerability is traded as CVE-2023-42122. Attacking locally is a requirement. There is no exploit available.

vuldb.com

CVE-2024-1934 | WP Compress Plugin up to 6.11.10 on WordPress CDN authorization

Vuldb Updates

6 months 1 week ago

A vulnerability classified as critical was found in WP Compress Plugin up to 6.11.10 on WordPress. Affected by this vulnerability is an unknown functionality of the component CDN Handler. The manipulation leads to missing authorization. This vulnerability is known as CVE-2024-1934. The attack needs to be initiated within the local network. There is no exploit available.

vuldb.com

CVE-2025-8737 | zlt2000 microservices-platform up to 6.0.0 OauthLogoutSuccessHandler.java onLogoutSuccess redirect_url (Issue 78 / EUVD-2025-24016)

Vuldb Updates

6 months 1 week ago

A vulnerability, which was classified as problematic, was found in zlt2000 microservices-platform up to 6.0.0. This affects the function onLogoutSuccess of the file src/main/java/com/central/oauth/handler/OauthLogoutSuccessHandler.java. The manipulation of the argument redirect_url leads to open redirect. This vulnerability is uniquely identified as CVE-2025-8737. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2025-8738 | zlt2000 microservices-platform up to 6.0.0 Spring Actuator Interface /actuator information disclosure (Issue 79 / EUVD-2025-24015)

Vuldb Updates

6 months 1 week ago

A vulnerability has been found in zlt2000 microservices-platform up to 6.0.0 and classified as problematic. This vulnerability affects unknown code of the file /actuator of the component Spring Actuator Interface. The manipulation leads to information disclosure. This vulnerability was named CVE-2025-8738. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

vuldb.com

CVE-2025-8739 | zhenfeng13 My-Blog up to 1.0.0 /admin/tags/save tagName cross-site request forgery (Issue 145 / EUVD-2025-24019)

Vuldb Updates

6 months 1 week ago

A vulnerability was found in zhenfeng13 My-Blog up to 1.0.0 and classified as problematic. This issue affects some unknown processing of the file /admin/tags/save. The manipulation of the argument tagName leads to cross-site request forgery. The identification of this vulnerability is CVE-2025-8739. The attack may be initiated remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2024-32106 | WP Compress Plugin up to 6.10.35 on WordPress cross-site request forgery

Vuldb Updates

6 months 1 week ago

A vulnerability classified as problematic has been found in WP Compress Plugin up to 6.10.35 on WordPress. This affects an unknown part. The manipulation leads to cross-site request forgery. This vulnerability is uniquely identified as CVE-2024-32106. It is possible to initiate the attack remotely. There is no exploit available.

vuldb.com

Sinobi

Dark Feed IO

6 months 1 week ago

You must login to view this content

cohenido

appshark: scan vulnerabilities in an Android app

Penetration Testing Tools - Metepreter.org

6 months 1 week ago

AppShark Appshark is a static analysis tool for Android apps. Its goal is to analyze very large apps (Douyin currently has 1.5 million methods). Appshark supports the following features: JSON-based customized scanning rules to...

The post appshark: scan vulnerabilities in an Android app appeared first on Penetration Testing Tools.

ddos

Everest

Dark Feed IO

6 months 1 week ago

You must login to view this content

cohenido

李想：知道哪个品牌在黑理想；比亚迪：微信宣布加强治理财经领域「自媒体」违规行为；世界机器人大会开幕 | 极客早知道

不安全

6 months 1 week ago

当前环境出现异常，请完成验证后继续访问。

李想：知道哪个品牌在黑理想；比亚迪：微信宣布加强治理财经领域「自媒体」违规行为；世界机器人大会开幕 | 极客早知道

极客公园

6 months 1 week ago

8 月 8 日消息，理想汽车 CEO 李想昨日在抖音发布视频，针对近期理想汽车遭遇的黑公关事件发表看法；比亚迪：经过我们内部慎重研讨，比亚迪 App 将继续使用原名称「比亚迪」。2025 世界机器人大会 8 月 8 日在北京开幕

永安在线金融行业案例

信息安全知识库

6 months 1 week ago

本文链接

银行反洗钱方案案例银行黄牛攻防系统搭建方案案例银行反营销欺诈解决方案保险业务安全建设方案案例保险营销反欺诈方案案例保险营销发欺诈方案案例证券反欺诈解决方案案例证券数据资产泄露解决方案

永安在线金融行业案例

不安全

6 months 1 week ago

本文介绍了金融行业的安全解决方案案例，包括银行的反洗钱、黄牛攻防及营销欺诈防范，保险业务的安全建设与营销反欺诈措施，以及证券领域的反欺诈和数据资产保护方案。

Safepay

Dark Feed IO

6 months 1 week ago

You must login to view this content

cohenido

Supply Chain Alert: Malicious Go Packages Found Targeting Windows and Linux

Penetration Testing Tools - Metepreter.org

6 months 1 week ago

Cybersecurity researchers have uncovered 11 malicious Go packages designed to download additional components from remote servers and execute them on both Windows and Linux systems. According to Socket researcher Olivia Brown, during execution the...

The post Supply Chain Alert: Malicious Go Packages Found Targeting Windows and Linux appeared first on Penetration Testing Tools.

ddos