Aggregator

A vulnerability described as critical has been identified in MyBB 1.00 Rc4. The affected element is an unknown function of the file calendar.php. Such manipulation of the argument pid leads to sql injection. This vulnerability is traded as CVE-2005-1833. The attack may be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in MyBB 1.0 Pr2/Rc4 and classified as critical. This affects an unknown part of the file usercp.php. The manipulation of the argument awayday results in sql injection. This vulnerability was named CVE-2005-3326. The attack may be performed from a remote location. In addition, an exploit is available.

A vulnerability marked as critical has been reported in Mywebland myBloggie 2.1.1/2.1.3. This vulnerability affects unknown code of the file search.php. The manipulation of the argument post_id leads to sql injection. This vulnerability is uniquely identified as CVE-2005-1500. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability identified as problematic has been detected in Mywebland myBloggie 2.1.1/2.1.2. Affected by this issue is some unknown functionality of the file viewmode.php of the component Error Message Handler. Performing manipulation of the argument post_id results in basic cross site scripting. This vulnerability is known as CVE-2005-1498. Remote exploitation of the attack is possible. Furthermore, an exploit is available. You should upgrade the affected component.

A vulnerability was found in My Image Gallery 1.4.1. It has been classified as problematic. This affects an unknown function of the file index.php. The manipulation of the argument image leads to basic cross site scripting. This vulnerability is referenced as CVE-2005-2603. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability, which was classified as critical, was found in My Little Homepage My Little Forum 1.5. The affected element is an unknown function of the file search.php. The manipulation of the argument Search results in sql injection. This vulnerability is identified as CVE-2005-3045. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability described as critical has been identified in Interakt MX Shop 3.2.0. This issue affects some unknown processing of the file index.php. Such manipulation leads to sql injection. This vulnerability is referenced as CVE-2005-3004. It is possible to launch the attack remotely. Furthermore, an exploit is available.

2025年8月26日，第二届“长城杯”信息安全铁人三项赛（作品赛）总决赛将在红色故都江西省赣州市燃情开赛！

Fake CoinMarketCap journalist profiles used in spear-phishing target crypto execs via Zoom interviews, risking malware, data theft, and…

Администраторам придётся переходить на собственные почтовые адреса.

US Cyber Defense Agency Pushes for Automation and Machine-Readable Data in SBOMs
The Cybersecurity and Infrastructure Security Agency released a draft update to its Software Bill of Materials minimum elements guidance, adding components to push SBOMs toward automated, operational use in supply chain risk tracking - while also addressing gaps in standardization and visibility.

议题火热征集中，欢迎投稿

美国总统特朗普宣布与英特尔达成协议，美国政府将持有芯片巨人 10% 的股份。英特尔是唯一一家能在美国本土制造先进芯片的美国公司，该公司在新闻稿中表示，美国政府向英特尔普通股投资 89 亿美元，以每股 20.47 美元购买了 4.33 3亿股，持有该公司 10% 的股份。英特尔指出，政府支付的价格低于当前的市场价格。89 亿美元中的 57 亿美元来自 CHIPS Act 下已授予但未支付的政府拨款，32 亿美元来自一项制造安全芯片的政府拨款。英特尔表示，美国政府将不会拥有董事席位或其它治理权力。

Каждый патч порождал новые способы взлома, а индустрия продолжала игнорировать системные изъяны.

Learn why mobile IPs outperform datacenter IPs for large-scale scraping, reducing bans and boosting success with natural traffic patterns.

The post Scraping At Carrier Scale: Why Mobile IPs Outperform Datacenter IPs appeared first on Security Boulevard.

中国关联的Silk Typhoon APT组织针对北美发动攻击，利用已知和零日漏洞入侵系统。该组织活跃于2020年至今，目标涵盖IT服务、医疗、法律等多领域，并擅长通过云环境横向移动及数据窃取。其技术包括使用网络外壳和定制恶意软件CloudedHope，并通过可信云关系隐蔽行动。CrowdStrike警告称该组织对北美关键行业构成严重威胁。

China-linked Silk Typhoon APT group ramp up North America attacks, exploiting n-day and zero-day flaws for system access, CrowdStrike warns. China-linked Silk Typhoon APT group (aka Murky Panda) targets organizations in North America exploiting n-day and zero-day flaws for system access, CrowdStrike warns. This Chinese APT has one of the widest targeting scopes. In March, […]