SaaS Security is Now Accessible and Affordable to All
This new product offers SaaS discovery and risk assessment coupled with a free user access review in a unique "freemium"...
Month: November 2023
FIRST Announces CVSS 4.0 – New Vulnerability Scoring System
The Forum of Incident Response and Security Teams (FIRST) has officially announced CVSS v4.0, the next generation of the Common...
LockBit 3.0 Ransomware Victim: vitaresearch[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: sanmiguel[.]iph
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: kitprofs[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: raumberg-gumpenstein[.]at
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: steelofcarolina[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: degregoris[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: summithealth[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: imprex[.]es
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: psmicorp[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
idbbee plugin for WordPress cross-site scripting | CVE-2023-5114
NAME__________idbbee plugin for WordPress cross-site scriptingPlatforms Affected:WordPress idbbee plugin for WordPress 1.0 WordPress idbbee plugin for WordPress 0.9Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting...
Grid Plus plugin for WordPress security bypass | CVE-2023-5250
NAME__________Grid Plus plugin for WordPress security bypassPlatforms Affected:G5Theme Grid Plus Plugin for WordPress 1.3.2 G5Theme Grid Plus plugin for WordPress...
TOTOLINK A3300R security bypass | CVE-2023-46992
NAME__________TOTOLINK A3300R security bypassPlatforms Affected:TOTOLINK A3300R 17.0.0cu.557_B20221024Risk Level:7.5Exploitability:Proof of ConceptConsequences:Bypass Security DESCRIPTION__________TOTOLINK A3300R could allow a remote attacker to bypass...
Bellows Accordion Menu plugin for WordPress cross-site scripting | CVE-2023-5164
NAME__________Bellows Accordion Menu plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Bellows Accordion Menu plugin for WordPress 1.4.2 WordPress Bellows Accordion Menu...
Virtualmin cross-site scripting | CVE-2023-47098
NAME__________Virtualmin cross-site scriptingPlatforms Affected:Virtualmin Virtualmin 7.7Risk Level:7.2Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Virtualmin is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Virtualmin cross-site scripting | CVE-2023-47096
NAME__________Virtualmin cross-site scriptingPlatforms Affected:Virtualmin Virtualmin 7.7Risk Level:7.2Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Virtualmin is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Virtualmin cross-site scripting | CVE-2023-47099
NAME__________Virtualmin cross-site scriptingPlatforms Affected:Virtualmin Virtualmin 7.7Risk Level:7.2Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Virtualmin is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
RafflePress plugin for WordPress cross-site scripting | CVE-2023-5049
NAME__________RafflePress plugin for WordPress cross-site scriptingPlatforms Affected:WordPress RafflePress plugin for WordPress 1.12.0 WordPress RafflePress plugin for WordPress 1.11.9Risk Level:6.4Exploitability:UnprovenConsequences:Cross-Site Scripting...
TOTOLINK X6000R code execution | CVE-2023-46485
NAME__________TOTOLINK X6000R code executionPlatforms Affected:TOTOLINK X6000R 9.4.0cu.852_B20230719Risk Level:7.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________TOTOLINK X6000R could allow a remote attacker to execute...
TOTOLINK X6000R code execution | CVE-2023-46484
NAME__________TOTOLINK X6000R code executionPlatforms Affected:TOTOLINK X6000R 9.4.0cu.852_B20230719Risk Level:7.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________TOTOLINK X6000R could allow a remote attacker to execute...
Virtualmin cross-site scripting | CVE-2023-47095
NAME__________Virtualmin cross-site scriptingPlatforms Affected:Virtualmin Virtualmin 7.7Risk Level:7.2Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Virtualmin is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Hitachi Energy eSOMS information disclosure | CVE-2023-5516
NAME__________Hitachi Energy eSOMS information disclosurePlatforms Affected:Hitachi Energy eSOMS 6.0 Hitachi Energy eSOMS 6.3.13Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Hitachi Energy eSOMS could allow...
Cybozu Remote Service denial of service | CVE-2023-46278
NAME__________Cybozu Remote Service denial of servicePlatforms Affected:Cybozu Remote Service 4.1.1 Cybozu Remote Service 4.1.0Risk Level:4.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Cybozu Remote Service...
