# Description
Hello Team, the Create a member functionality is vulnerable to a CSRF attack. By exploiting the CSRF vulnerability, an attacker can add new members. POC video: https://drive.google.co ...
December 29, 2022
# Description
An attacker can add any user thoughts via a CSRF attack. When you send a link to the victim and they click on it, any thoughts will be added.
# Proof of Concept
1- When the attacker adds any t ...
December 29, 2022
# Description
This vuln allows an attacker to trigger an admin into submitting a malicious request to create a new user with any role.
# Proof of Concept
1. Attacker creates a malicious script with a CSRF payload and uplo ...
December 29, 2022
For a detailed threat digest, download the PDF file here. Summary: Hive Pro has discovered two actors that have been active in the last week. The first, Gamaredon G ...
December 29, 2022
A vulnerability classified as problematic was found in ONC code-validator-api up to 1.0.30. This vulnerability affects the function vocabularyValidationConfigurations of the file src/main/java/org/sit ...
December 29, 2022
The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site ...
December 29, 2022
LZ4 bindings use a deprecated C API that is vulnerable to memory corruption, which could lead to arbitrary code execution if called with untrusted user input.
December 29, 2022
Alpine is a scaffolding library in Java. Alpine prior to version 1.10.4 allows Authentication Filter bypass. The AuthenticationFilter relies on the request URI to evaluate if the user is accessing the ...
December 29, 2022