SCARLETEEL Cryptojacking Campaign Exploiting AWS Fargate in Ongoing Campaign
Cloud environments continue to be at the receiving end of an ongoing advanced attack campaign dubbed SCARLETEEL, with the threat...
Year: 2023
Akira Ransomware Victim: Green Diamond
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Hamre Schumann Muell er & Larson HSML
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: 4LEAF, Inc
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: panoramaeyecare[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Metersphere code execution | CVE-2023-35937
NAME__________Metersphere code executionPlatforms Affected:metersphere metersphere 2.10.1 LTSRisk Level:6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Metersphere could allow a remote authenticated attacker to execute arbitrary code...
Novu open redirect | CVE-2023-35948
NAME__________Novu open redirectPlatforms Affected:Novu Novu 0.15Risk Level:5.4Exploitability:UnprovenConsequences:Other DESCRIPTION__________Novu could allow a remote attacker to conduct phishing attacks, caused by an...
Sourcecodester Shopping Website SQL injection | CVE-2023-3534
NAME__________Sourcecodester Shopping Website SQL injectionPlatforms Affected:Sourcecodester Shopping Website 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Sourcecodester Shopping Website is vulnerable to SQL injection. A...
Drogon response splitting | CVE-2023-26138
NAME__________Drogon response splittingPlatforms Affected:Drogon Drogon 1.8.4 Drogon Drogon 1.8.3 Drogon Drogon 1.8.2 Drogon Drogon 1.8.1 Drogon Drogon 1.8.0Risk Level:7.2Exploitability:UnprovenConsequences:Data Manipulation...
yt-dlp information disclosure | CVE-2023-35934
NAME__________yt-dlp information disclosurePlatforms Affected:yt-dlp yt-dlpRisk Level:6.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________yt-dlp could allow a remote attacker to obtain sensitive information. By sending a...
SimplePHPscripts Photo Gallery PHP cross-site scripting | CVE-2023-3538
NAME__________SimplePHPscripts Photo Gallery PHP cross-site scriptingPlatforms Affected:SimplePHPscripts Photo Gallery PHP 2.0Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SimplePHPscripts Photo Gallery PHP is vulnerable to...
GZ Scripts Availability Booking Calendar PHP cross-site scripting | CVE-2023-3543
NAME__________GZ Scripts Availability Booking Calendar PHP cross-site scriptingPlatforms Affected:GZ Scripts Availability Booking Calendar PHP 1.8Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________GZ Scripts Availability...
Zoho ManageEngine ADAudit Plus cross-site scripting | CVE-2023-37308
NAME__________Zoho ManageEngine ADAudit Plus cross-site scriptingPlatforms Affected:Zoho ManageEngine ADAudit Plus 7091Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Zoho ManageEngine ADAudit Plus is vulnerable to...
SimplePHPscripts Funeral Script PHP cross-site scripting | CVE-2023-3536
NAME__________SimplePHPscripts Funeral Script PHP cross-site scriptingPlatforms Affected:SimplePHPscripts Funeral Script PHP 3.1Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SimplePHPscripts Funeral Script PHP is vulnerable to...
Tekton Pipelines security bypass | CVE-2023-37264
NAME__________Tekton Pipelines security bypassPlatforms Affected:Tekton Pipelines 0.35.0Risk Level:3.7Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Tekton Pipelines could allow a remote authenticated attacker to bypass security...
Samsung Mobile directory traversal | CVE-2023-30678
NAME__________Samsung Mobile directory traversalPlatforms Affected:Samsung mobile devicesRisk Level:5.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Samsung Mobile could allow a local attacker to traverse directories on...
ThinuTech ThinuCMS cross-site scripting | CVE-2023-3542
NAME__________ThinuTech ThinuCMS cross-site scriptingPlatforms Affected:ThinuTech ThinuCMS 1.5Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________ThinuTech ThinuCMS is vulnerable to cross-site scripting, caused by improper validation...
SimplePHPscripts NewsLetter Script PHP cross-site scripting | CVE-2023-3540
NAME__________SimplePHPscripts NewsLetter Script PHP cross-site scriptingPlatforms Affected:SimplePHPscripts NewsLetter Script PHP 2.4Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SimplePHPscripts NewsLetter Script PHP is vulnerable to...
Faculty Evaluation System SQL injection |
NAME__________Faculty Evaluation System SQL injectionPlatforms Affected:Faculty Evaluation System Faculty Evaluation System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Faculty Evaluation System is vulnerable to...
GZ Scripts Time Slot Booking Calendar PHP cross-site scripting | CVE-2023-3544
NAME__________GZ Scripts Time Slot Booking Calendar PHP cross-site scriptingPlatforms Affected:GZ Scripts Time Slot Booking Calendar PHP 1.8Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________GZ...
SimplePHPscripts News Script PHP Pro cross-site scripting | CVE-2023-3537
NAME__________SimplePHPscripts News Script PHP Pro cross-site scriptingPlatforms Affected:SimplePHPscripts News Script PHP Pro 2.4Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SimplePHPscripts News Script PHP Pro...
Winter CMS cross-site scripting | CVE-2023-37269
NAME__________Winter CMS cross-site scriptingPlatforms Affected:Winter CMS Winter CMS 1.2.2Risk Level:2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Winter CMS is vulnerable to cross-site scripting, caused by...
ThinuTech ThinuCMS cross-site scripting | CVE-2023-3541
NAME__________ThinuTech ThinuCMS cross-site scriptingPlatforms Affected:ThinuTech ThinuCMS 1.5Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________ThinuTech ThinuCMS is vulnerable to cross-site scripting, caused by improper validation...
SimplePHPscripts FAQ Script PHP cross-site scripting | CVE-2023-3535
NAME__________SimplePHPscripts FAQ Script PHP cross-site scriptingPlatforms Affected:SimplePHPscripts FAQ Script PHP 2.3Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SimplePHPscripts FAQ Script PHP is vulnerable to...
