LockBit 3.0 Ransomware Victim: grupocobra[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Month: October 2023
LockBit 3.0 Ransomware Victim: hgmonline[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Pega Platform cross-site scripting | CVE-2023-32088
NAME__________Pega Platform cross-site scriptingPlatforms Affected:Pegasystems Pega Platform 8.1 Pegasystems Pega Platform 23.1.0Risk Level:4.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Pega Platform is vulnerable to cross-site...
CodeAstro Internet Banking System cross-site scripting | CVE-2023-5695
NAME__________CodeAstro Internet Banking System cross-site scriptingPlatforms Affected:CodeAstro Internet Banking System 1.0Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________CodeAstro Internet Banking System is vulnerable to...
HCL Compass weak security | CVE-2023-37504
NAME__________HCL Compass weak securityPlatforms Affected:HCL Compass 2.0 HCL Compass 2.1 HCL Compass 2.2Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________HCL Compass could provide weaker...
CodeAstro Internet Banking System cross-site scripting | CVE-2023-5696
NAME__________CodeAstro Internet Banking System cross-site scriptingPlatforms Affected:CodeAstro Internet Banking System 1.0Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________CodeAstro Internet Banking System is vulnerable to...
Widgets for Google Reviews plugin for WordPress cross-site request forgery | CVE-2023-3254
NAME__________Widgets for Google Reviews plugin for WordPress cross-site request forgeryPlatforms Affected:Trustindex.io Widgets for Google Reviews plugin for WordPress 10.9Risk Level:4.3Exploitability:UnprovenConsequences:Gain...
CodeAstro Internet Banking System SQL injection | CVE-2023-5693
NAME__________CodeAstro Internet Banking System SQL injectionPlatforms Affected:CodeAstro Internet Banking System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________CodeAstro Internet Banking System is vulnerable to...
CodeAstro Internet Banking System cross-site scripting | CVE-2023-5698
NAME__________CodeAstro Internet Banking System cross-site scriptingPlatforms Affected:CodeAstro Internet Banking System 1.0Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________CodeAstro Internet Banking System is vulnerable to...
CodeAstro Internet Banking System cross-site scripting | CVE-2023-5694
NAME__________CodeAstro Internet Banking System cross-site scriptingPlatforms Affected:CodeAstro Internet Banking System 1.0Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________CodeAstro Internet Banking System is vulnerable to...
radare2 heap-based buffer overflow | CVE-2023-5686
NAME__________radare2 heap-based buffer overflowPlatforms Affected:radare2 radare2 5.8.9Risk Level:5.1Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________radare2 is vulnerable to a heap-based buffer overflow, caused...
Pega Platform cross-site scripting | CVE-2023-32087
NAME__________Pega Platform cross-site scriptingPlatforms Affected:Pegasystems Pega Platform 8.1 Pegasystems Pega Platform 23.1.0Risk Level:4.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Pega Platform is vulnerable to cross-site...
CodeAstro Internet Banking System cross-site scripting | CVE-2023-5697
NAME__________CodeAstro Internet Banking System cross-site scriptingPlatforms Affected:CodeAstro Internet Banking System 1.0Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________CodeAstro Internet Banking System is vulnerable to...
Pega Platform cross-site scripting | CVE-2023-32089
NAME__________Pega Platform cross-site scriptingPlatforms Affected:Pegasystems Pega Platform 8.1 Pegasystems Pega Platform 8.8.2Risk Level:4.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Pega Platform is vulnerable to cross-site...
Modern Footnotes Plugin for WordPress cross-site scripting | CVE-2023-5618
NAME__________Modern Footnotes Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Modern Footnotes Plugin for WordPress 1.4.16Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Modern Footnotes Plugin for...
SuperWebMailer SQL injection | CVE-2023-38190
NAME__________SuperWebMailer SQL injectionPlatforms Affected:SuperWebMailer SuperWebMailer 9.00.0.01710Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________SuperWebMailer is vulnerable to SQL injection. A remote attacker could send specially-crafted...
SuperWebMailer cross-site scripting | CVE-2023-38191
NAME__________SuperWebMailer cross-site scriptingPlatforms Affected:SuperWebMailer SuperWebMailer 9.00.0.01710Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SuperWebMailer is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
SuperWebMailer cross-site scripting | CVE-2023-38194
NAME__________SuperWebMailer cross-site scriptingPlatforms Affected:SuperWebMailer SuperWebMailer 9.00.0.01710Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SuperWebMailer is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Leantime SQL injection | CVE-2023-45826
NAME__________Leantime SQL injectionPlatforms Affected:Leantime Leantime 2.4-beta-3Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Leantime is vulnerable to SQL injection. A remote attacker could send specially...
SuperWebMailer cross-site scripting | CVE-2023-38193
NAME__________SuperWebMailer cross-site scriptingPlatforms Affected:SuperWebMailer SuperWebMailer 9.00.0.01710Risk Level:6.3Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________SuperWebMailer could allow a remote authenticated attacker to execute arbitrary code on...
Microsoft Edge (Chromium-based) information disclosure | CVE-2023-36409
NAME__________Microsoft Edge (Chromium-based) information disclosurePlatforms Affected:Microsoft Edge (Chromium-based) 118.0Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Microsoft Edge (Chromium-based) could allow a remote attacker to...
YDB Platform ydb-go-sdk information disclosure | CVE-2023-45825
NAME__________YDB Platform ydb-go-sdk information disclosurePlatforms Affected:YDB Platform ydb-go-sdk 3.48.6 YDB Platform ydb-go-sdk 3.53.2Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________YDB Platform ydb-go-sdk could allow...
WP Customer Reviews Plugin for WordPress cross-site scripting | CVE-2023-4648
NAME__________WP Customer Reviews Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WP Customer Reviews Plugin for WordPress 3.6.6Risk Level:4.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________WP Customer...
Tongda OA SQL injection | CVE-2023-5682
NAME__________Tongda OA SQL injectionPlatforms Affected:Tongda Tongda OA 2017Risk Level:6.5Exploitability:HighConsequences:Gain Access DESCRIPTION__________Tongda OA is vulnerable to SQL injection. A remote attacker...
