A vulnerability was found in 1000 Projects Employee Task Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/AdminLogin.php. The manipulation of the argument email leads to sql injection.
This vul…
A vulnerability was found in IBM Aspera Faspex up to 5.0.10 and classified as problematic. Affected by this issue is some unknown functionality. The manipulation leads to execution with unnecessary privileges.
This vulnerability is handled as CVE-2023…
A vulnerability has been found in IBM Aspera Faspex up to 5.0.10 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component User Account Handler. The manipulation leads to weak password requirements.
Thi…
A vulnerability, which was classified as problematic, was found in IBM Aspera Faspex up to 5.0.10. Affected is an unknown function of the component User Account Handler. The manipulation leads to weak password requirements.
This vulnerability is trade…
A vulnerability, which was classified as critical, has been found in Akamai Enterprise Application Access. This issue affects some unknown processing of the component Debug Command Handler. The manipulation leads to incorrect permission assignment.
Th…
A vulnerability classified as problematic was found in IBM Aspera Faspex up to 5.0.10. This vulnerability affects unknown code. The manipulation leads to observable response discrepancy.
This vulnerability was named CVE-2023-37413. The attack can be i…
The North Korean threat actor known as the Lazarus Group has been observed leveraging a “web-based administrative platform” to oversee its command-and-control (C2) infrastructure, giving the adversary the ability to centrally supervise all aspects of t…
I have set up a virtual lab using VMware with the following machines:
Ubuntu (Running Snort for intrusion detection)
Kali Linux (Used as the attacking machine)
Metasploitable 2 (Hosting Mutilidae, a vulnerable web application)
All machin…
While I have read a number of articles/papers etc on Quantum, I wonder if the only answer is 10 or if 3 or 5 will be a practical way forward as an interim measure?
While most advocate a transition from what we have today it quickly jumps i…
I am trying to run an unauthenticated active scan of a website as part of a penetration test, and there is one form on the website on a contact page that looks like it will send emails a singular contact. We don’t want to flood this person…
