Aggregator

A vulnerability was found in Campcodes Complete Web-Based School Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /view/student_profile1.php. The manipulation of the argument std_index leads to sql injection. The identification of this vulnerability is CVE-2024-5113. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Campcodes Complete Web-Based School Management System 1.0. Affected is an unknown function of the file /view/teacher_attendance_history1.php. The manipulation of the argument index leads to sql injection. This vulnerability is traded as CVE-2024-5114. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical was found in Campcodes Complete Web-Based School Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view/teacher_profile.php. The manipulation of the argument index leads to sql injection. This vulnerability is known as CVE-2024-5115. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in PHPGurukul Directory Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/index.php. The manipulation of the argument username leads to sql injection. The identification of this vulnerability is CVE-2024-5135. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in PHPGurukul Zoo Management System 2.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. This vulnerability is known as CVE-2024-5357. The attack can be launched remotely. Furthermore, there is an exploit available.

Северокорейская группа Lazarus похитила средства, подменив контракт холодного кошелька.

A vulnerability was found in 4d WebSTAR 5.3.3/5.4. It has been classified as critical. Affected is an unknown function. The manipulation leads to memory corruption. This vulnerability is traded as CVE-2005-1507. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Apple Safari and classified as very critical. This issue affects some unknown processing. The manipulation leads to numeric error. The identification of this vulnerability is CVE-2008-2303. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A Threat Actor Claims to be Selling Leads from an Unidentified Cloud Solutions Company in the USA

A Threat Actor Claims to have Leaked Hyrum City

A Threat Actor Claims to have Leaked the Data of Constitutional Court of Indonesia

Authors/Presenters: Martin Pratt

Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – National Labs Use Of XR appeared first on Security Boulevard.

Lou Morentin, VP of Compliance & Privacy There are a number of significant changes coming to Healthcare Cybersecurity requirements. While not all are finalized, they point the way towards Health and Human Services tightening the controls and requirements. Healthcare Cybersecurity: A Shift Towards Resilience The healthcare industry is facing an evolving threat landscape, with cyberattacks […]

The post New Guidelines: Cybersecurity Resilience in the Healthcare Industry appeared first on CISO Global.

The post New Guidelines: Cybersecurity Resilience in the Healthcare Industry appeared first on Security Boulevard.

A vulnerability, which was classified as problematic, has been found in ABB ASPECT-Enterprise, NEXUS and MATRIX up to 3.08.02. This issue affects some unknown processing of the component Setting Handler. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2024-48846. The attack may be initiated remotely. There is no exploit available.

A vulnerability was found in WeGIA 3.2.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /configuracao/meio_pagamento.php. The manipulation of the argument id/name leads to cross site scripting. This vulnerability is handled as CVE-2024-53471. The attack may be launched remotely. There is no exploit available.