Month: January 2025

CVE Alert: CVE-2024-37925

January 3, 2025

Vulnerability Summary: CVE-2024-37925 Cross-Site Request Forgery (CSRF) vulnerability in BUDDYBOSS LLC BuddyBoss Theme allows Cross Site Request Forgery.This issue affects...

[HUNTERS] – Ransomware Victim: Nikki-Universal Co Ltd

January 3, 2025

Ransomware Group: HUNTERS VICTIM NAME: Nikki-Universal Co Ltd NOTE: No files or stolen information are by RedPacket Security. Any legal...

[CICADA3301] – Ransomware Victim: ISOR

January 3, 2025

Ransomware Group: CICADA3301 VICTIM NAME: ISOR NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CVE Alert: CVE-2023-32240

January 3, 2025

Vulnerability Summary: CVE-2023-32240 Missing Authorization vulnerability in Xtemos WoodMart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WoodMart:...

CVE Alert: CVE-2022-45830

January 3, 2025

Vulnerability Summary: CVE-2022-45830 Missing Authorization vulnerability in Analytify.This issue affects Analytify: from n/a through 4.2.3. Affected Endpoints: No affected endpoints...

CVE Alert: CVE-2022-41995

January 3, 2025

Vulnerability Summary: CVE-2022-41995 Missing Authorization vulnerability in Galleryape Gallery Images Ape allows Exploiting Incorrectly Configured Access Control Security Levels.This issue...

CVE Alert: CVE-2022-43476

January 3, 2025

Vulnerability Summary: CVE-2022-43476 Missing Authorization vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category allows Exploiting Incorrectly...

CVE Alert: CVE-2023-45633

January 3, 2025

Vulnerability Summary: CVE-2023-45633 Missing Authorization vulnerability in IDX IMPress Listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects...

CVE Alert: CVE-2023-40327

January 3, 2025

Vulnerability Summary: CVE-2023-40327 Missing Authorization vulnerability in Putler / Storeapps Putler Connector for WooCommerce.This issue affects Putler Connector for WooCommerce:...

CVE Alert: CVE-2023-45272

January 3, 2025

Vulnerability Summary: CVE-2023-45272 Missing Authorization vulnerability in 10Web 10Web Map Builder for Google Maps allows Exploiting Incorrectly Configured Access Control...

CVE Alert: CVE-2023-39994

January 3, 2025

Vulnerability Summary: CVE-2023-39994 Missing Authorization vulnerability in Repute InfoSystems ARMember Premium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue...

CVE Alert: CVE-2023-48739

January 3, 2025

Vulnerability Summary: CVE-2023-48739 Missing Authorization vulnerability in Porto Theme Porto Theme - Functionality allows Exploiting Incorrectly Configured Access Control Security...

Vulnerability Summary: CVE-2023-48758 Missing Authorization vulnerability in Crocoblock JetEngine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine:...

TryHackMe Walkthrough : Dodge

January 3, 2025

Introduction This write-up documents the exploitation lifecycle of the Dodge CTF machine, a complex challenge that emphasised the importance of...