Aggregator

A vulnerability, which was classified as problematic, was found in PHPGurukul COVID 19 Testing Management System 1.0. Affected is an unknown function of the file /covid-tms/patient-search-report.php of the component POST Request Parameter Handler. The manipulation of the argument searchdata leads to cross site scripting. This vulnerability is traded as CVE-2024-53635. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Omada Identity up to 15. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Access Request History. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-52951. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic was found in OpenVidReview 1.0. This vulnerability affects unknown code. The manipulation of the argument review name leads to cross site scripting. This vulnerability was named CVE-2024-46055. The attack can be initiated remotely. There is no exploit available.

A vulnerability has been found in cli go-gh up to 2.11.0 and classified as problematic. This vulnerability affects unknown code of the component Environment Variable Handler. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-53859. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Частный сектор выводит космические амбиции на новый уровень.

“美国第一”的政策

“美国第一”的政策

A new AI-powered chatbot, BlackBastaGPT, trained on over 1 million leaked internal messages from the Black Basta ransomware gang. Hudson Rock released the tool just days after the unprecedented data breach. It enables researchers to dissect the group’s operations, financial strategies, and evolving attack methodologies through natural language queries. This innovation follows the February 11, […]

The post BlackBastaGPT – A ChatGPT Powered Tool to Uncover Ransomware Group Tactics appeared first on Cyber Security News.

CLZero A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors. Inspired by the tool Smuggler all attack gadgets adapted from Smuggler and https://portswigger.net/research/how-to-turn-security-research-into-profit CL.0 Identification method The first request will be the “base” request. This is...

The post CLZero: fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors appeared first on Penetration Testing Tools.