LockBit 3.0 Ransomware Victim: bianchiindustry[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Month: March 2023
Online Pizza Ordering System /php-opos/index.php SQL injection |
NAME__________Online Pizza Ordering System /php-opos/index.php SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Online Pizza Ordering System is vulnerable to SQL injection. A...
Izmir Katip Celebi University UBYS cross-site scripting | CVE-2023-0320
NAME__________Izmir Katip Celebi University UBYS cross-site scriptingPlatforms Affected:Izmir Katip Celebi University UBYS 23.03.16Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Izmir Katip Celebi University UBYS...
Human Resource Management System /hrm/controller/login.php SQL injection |
NAME__________Human Resource Management System /hrm/controller/login.php SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Human Resource Management System is vulnerable to SQL injection. A...
MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosure | CVE-2022-45635
NAME__________MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosurePlatforms Affected:Risk Level:7.5Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________MEGAFEIS, BOFEI DBD+ Application for...
Frontier denial of service | CVE-2023-28431
NAME__________Frontier denial of servicePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Frontier is vulnerable to a denial of service, caused by a gas...
Medical Certificate Generator App SQL injection | CVE-2023-1566
NAME__________Medical Certificate Generator App SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Medical Certificate Generator App is vulnerable to SQL injection. A remote...
Pacsrapor cross-site scripting | CVE-2023-1153
NAME__________Pacsrapor cross-site scriptingPlatforms Affected:Pacsrapor Pacsrapor 1.22Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Pacsrapor is vulnerable to SQL injection. A remote attacker could send specially-crafted...
Pacsrapor cross-site scripting | CVE-2023-1154
NAME__________Pacsrapor cross-site scriptingPlatforms Affected:Pacsrapor Pacsrapor 1.22Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Pacsrapor is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Prestashop tshirtecommerce SQL injection | CVE-2023-27637
NAME__________Prestashop tshirtecommerce SQL injectionPlatforms Affected:Paradox IPR512Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Prestashop tshirtecommerce module is vulnerable to SQL injection. A remote attacker could...
Simple and Beautiful Shopping Cart System file upload | CVE-2023-1558
NAME__________Simple and Beautiful Shopping Cart System file uploadPlatforms Affected:Risk Level:4.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Simple and Beautiful Shopping Cart System could allow a...
Sentry SDK for Python information disclosure | CVE-2023-28117
NAME__________Sentry SDK for Python information disclosurePlatforms Affected:Risk Level:7.6Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Sentry SDK for Python could allow a remote authenticated attacker to...
MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosure | CVE-2022-45634
NAME__________MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosurePlatforms Affected:Risk Level:7.5Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________MEGAFEIS, BOFEI DBD+ Application for...
Minio information disclosure | CVE-2023-28432
NAME__________Minio information disclosurePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Minio could allow a remote attacker to obtain sensitive information, caused by a flaw...
Cisco ASA, FTD, IOS and IOS XE Software denial of service | CVE-2023-20081
NAME__________Cisco ASA, FTD, IOS and IOS XE Software denial of servicePlatforms Affected:Cisco Adaptive Security Appliance Software Cisco IOS Software Cisco...
Devolutions Remote Desktop Manager information disclosure | CVE-2023-1574
NAME__________Devolutions Remote Desktop Manager information disclosurePlatforms Affected:Risk Level:2.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Devolutions Remote Desktop Manager could allow a local attacker to obtain...
Air Cargo Management System SQL injection | CVE-2023-1564
NAME__________Air Cargo Management System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Air Cargo Management System is vulnerable to SQL injection. A remote...
Student Study Center Desk Management System cross-site scripting | CVE-2023-1567
NAME__________Student Study Center Desk Management System cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Student Study Center Desk Management System is vulnerable to...
NextCloud Server brute force | CVE-2023-25820
NAME__________NextCloud Server brute forcePlatforms Affected:Risk Level:4.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NextCloud Server is vulnerable to a brute force attack, caused by improper restriction...
Student Study Center Desk Management System cross-site scripting | CVE-2023-1568
NAME__________Student Study Center Desk Management System cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Student Study Center Desk Management System is vulnerable to...
Pimcore directory traversal | CVE-2023-28438
NAME__________Pimcore directory traversalPlatforms Affected:Risk Level:6.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Pimcore could allow a remote authenticated attacker to traverse directories on the system, caused...
DataGear SQL injection | CVE-2023-1571
NAME__________DataGear SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________DataGear is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL...
Prestashop tshirtecommerce SQL injection | CVE-2023-27638
NAME__________Prestashop tshirtecommerce SQL injectionPlatforms Affected:Paradox IPR512Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Prestashop tshirtecommerce module is vulnerable to SQL injection. A remote attacker could...
Student Study Center Desk Management System SQL injection | CVE-2023-1563
NAME__________Student Study Center Desk Management System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Student Study Center Desk Management System is vulnerable to...
