CVE-2023-28698
Wade Graphic Design FANTSY has a vulnerability of insufficient authorization check. An unauthenticated remote user can exploit this vulnerability by modifying URL parameters to gain administrator priv ...
Continue Reading
June 02, 2023
CVE-2023-3000
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Erikoglu Technology ErMon allows Command Line Execution through SQL Injection, Authentication Bypa ...
Continue Reading
June 02, 2023
Private APIs at Risk: Q1-2023 API ThreatStats⢠Report
According to a Mar-2022 API survey by Gartner, 98% of organizations use or are planning to use internal APIs â up from 88% in 2019. And 90% of organizations use or are planning to use private API ...
Continue Reading
June 01, 2023
Wordfence Intelligence Weekly WordPress Vulnerability Report (May 22, 2023 to May 28, 2023)
Last week, there were 90 vulnerabilities disclosed in 77 WordPress Plugins and no WordPress themes that have been added to the Wordfence Intelligence Vulnerability Database, and there were 29 Vulnerab ...
Continue Reading
June 01, 2023
CVE-2022-4333
Hardcoded Credentials in multiple SPRECON-E CPU variants of Sprecher Automation allows an remote attacker to take over the device. These accounts should be deactivated according to Sprecher's hardenin ...
Continue Reading
June 01, 2023
Why Attackers Target the Gaming Industry
## Key Takeaways: * The gaming industry is a common target for cyberattacks due to its financial success and vast user base. * Volumetric [DDoS attacks]() can disrupt service, distract from more s ...
Continue Reading
May 30, 2023
Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking
[]() A critical security vulnerability has been disclosed in the Ope ...
Continue Reading
May 27, 2023
Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking
[]() A critical security vulnerability has been disclosed in the Ope ...
Continue Reading
May 27, 2023
CVE-2023-28131
A vulnerability in the expo.io framework allows an attacker to take over accounts and steal credentials on an application/website that configured the "Expo AuthSession Redirect Proxy" for social sign- ...
Continue Reading
May 25, 2023
CVE-2023-2851
** UNSUPPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AGT Tech Ceppatron allows Command Line Execution through SQL Inje ...
Continue Reading
May 25, 2023
