The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and international partners have released a joint Cybersecurity Advis ...
August 08, 2023
PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete files from the server via the CustomerMessage API. Version 8.1.1 contains a patch for this iss ...
August 07, 2023
PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete a file from the server by using the Attachments controller and the Attachments API. Version 8. ...
August 07, 2023
A bunch of networks, including US Government networks, have been hacked by the Chinese. The hackers used forged authentication tokens to access user email, using a stolen Microsoft Azure a ...
August 07, 2023
Sentry is an error tracking and performance monitoring platform. Starting in version 22.1.0 and prior to version 23.7.2, an attacker with access to a token with few or no scopes can query `/api/0/api- ...
August 07, 2023
# Description A bad actor can send victims a link (i.e. obfuscated) with the payload /signout, and when a victim uses it, it can change the state of the user (logged in/logged out). # Proof of Concept Payload: ...
August 07, 2023
### Overview Freewill Solutions IFIS new trading web application version 20.01.01.04 is vulnerable to unauthenticated remote code execution. Successful exploitation of this vulnerability allows an att ...
August 07, 2023