CVE-2019-19245 |
Description: Posted by hyp3rlinx on Feb 01Updated SQL Injection CVE-2019-19245 exploit for Python3.
import requests,time,re,sys,argparse
#NAPC Xinet Elegant 6 Asset Library v6.1.655
#Pre-Auth SQL Injection 0day Exploit
#By hyp3rlinx
#ApparitionSec
#UPDATED: Jan 2024 for python3
#TODO: add SSL support
#===============================
#This will dump tables, usernames and passwords in vulnerable versions
#REQUIRE PARAMS:...
February 2nd, 2025 (5 months ago)
|
![]() |
Description: Posted by David Fifield on Feb 01I tested a few more times, and it appears the text injection has
disappeared.
These are timestamps when I tested, with offsets relative to the initial
discovery.
+0h 2025-01-28 03:00 initial discovery
+5h 2025-01-28 08:19 ?q=EgtoZWxsbyB3b3JsZA works
(https://archive.is/DD9xB)
+14h 2025-01-28 17:31 ?q=EgtoZWxsbyB3b3JsZA works
(no archive)
+45h...
February 2nd, 2025 (5 months ago)
|
![]() |
Description: Posted by Apple Product Security via Fulldisclosure on Feb 01APPLE-SA-01-30-2025-1 GarageBand 10.4.12
GarageBand 10.4.12 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/121866.
Apple maintains a Security Releases page at
https://support.apple.com/100100 which lists recent
software updates with security advisories.
GarageBand
Available for: macOS Sonoma 14.4 and later
Impact: Processing a maliciously crafted image may lead to arbitrary...
February 2nd, 2025 (5 months ago)
|
![]() |
Description: In October 2014, the (now defunct) Belgian gaming news forum 9Lives suffered a data breach that was later redistributed as part of a larger corpus of data. The breach exposed 109k unique email addresses along with usernames and salted MD5 password hashes.
February 2nd, 2025 (5 months ago)
|
CVE-2024-13099 |
Description: The Widget4Call WordPress plugin through 1.0.7 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.
EPSS Score: 0.04%
February 2nd, 2025 (5 months ago)
|
![]() |
Description: “CDC’s website is being modified to comply with President Trump’s Executive Orders.“
February 1st, 2025 (5 months ago)
|
![]() |
Description: 0mid16B Claims to have Leaked the Data of Cardinal Health
February 1st, 2025 (5 months ago)
|
![]() |
Description: A Threat Actor Claims to be Selling Data of Spanish Hospital in Mexico
February 1st, 2025 (5 months ago)
|
![]() |
Description: A Threat Actor Claims to have Leaked the Data of Colis Express S.A.
February 1st, 2025 (5 months ago)
|
![]() |
Description: A Threat Actor Claims to have Leaked Data of Telkomsel
February 1st, 2025 (5 months ago)
|