An issue in a hidden API in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to arbitrarily reset the Administrator password via a crafted web request.Read More ...

Continue Reading

August 04, 2023

A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read arbitrary files via supplying a crafted payload.Read More ...

Continue Reading

August 04, 2023

Last week, there were 64 vulnerabilities disclosed in 66 WordPress Plugins and 3 WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 32 Vulnerabi ...

Continue Reading

August 03, 2023

# CVE-2022-1442 WordPress Plugin Metform <= 2.1.3 - Improper ...Read More ...

Continue Reading

August 03, 2023

[![](https://blogger.googleusercontent.com/img/a/AVvXsEhUuZJSO5HgKHDxtpT1g2u_BQda5hzIsSp1YjJULHZCocCr-A3VoEJ1VTFcqtVvv2BvPxPT3KescAdRA2bRwV93-Ri9DnmpSBpipFvc_mLkSZze8xSPPhhBblfTvkf30ne1vJ8w6XN1qJb3r08 ...

Continue Reading

August 03, 2023

Some API routes exists in Control ID IDSecure 4.7.26.0 and prior, exfiltrating sensitive information and passwords to users accessing these API routes.Read More ...

Continue Reading

August 03, 2023

[]() Cybersecurity researchers have discovered a bypass ...

Continue Reading

August 03, 2023

org.apache.nifi:* is vulnerable to Arbitrary Code Injection. The vulnerability exists in several functions which allows an authenticated attacker to submit a malicious request to configure a location ...

Continue Reading

August 03, 2023