#apple

Pharmacy Management System version 1.0 Insecure Settings

Pharmacy Management System version version 1.0 suffers from an ignored default credential vulnerability.

10 months ago

#sql #xss #csrf #vulnerability #web #ios #mac #windows #apple #google #ubuntu #linux #debian #cisco #java #php #perl #auth #ruby #firefox

PDF Generator Web Application 1.0 Insecure Settings

PDF Generator Web Application version 1.0 suffers from an ignored default credential vulnerability.

10 months ago

Packet Storm

Open in Source

#sql #xss #csrf #vulnerability #web #ios #mac #windows #apple #google #ubuntu #linux #debian #cisco #java #php #perl #pdf #auth #ruby #firefox

Online Travel Agency System 1.0 Insecure Settings

Online Travel Agency System version 1.0 suffers from an ignored default credential vulnerability.

10 months ago

Packet Storm

Open in Source

#sql #xss #csrf #vulnerability #web #ios #mac #windows #apple #google #ubuntu #linux #debian #cisco #java #php #perl #auth #ruby #firefox

Online Tours and Travels Management System 1.0 Insecure Settings

Online Tours and Travels Management System version 1.0 suffers from an ignored default credential vulnerability.

10 months ago

Packet Storm

Open in Source

#sql #xss #csrf #vulnerability #web #ios #mac #windows #apple #google #ubuntu #linux #debian #cisco #java #php #perl #auth #ruby #firefox

New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys

Android device users in South Korea have emerged as a target of a new mobile malware campaign that delivers a new type of threat dubbed SpyAgent. The malware "targets mnemonic keys by scanning for images on your device that might contain them," McAfee Labs researcher SangRyol Ryu said in an analysis, adding the targeting footprint has broadened in scope to include the U.K. The campaign makes use

10 months ago

The Hacker News

Open in Source

#web #ios #android #apple #git #auth #The Hacker News

GHSA-m8rp-vv92-46c7: gix-path improperly resolves configuration path reported by Git

### Summary `gix-path` runs `git` to find the path of a configuration file associated with the `git` installation, but improperly resolves paths containing unusual or non-ASCII characters, in rare cases enabling a local attacker to inject configuration leading to code execution. ### Details In `gix_path::env`, the underlying implementation of the `installation_config` and `installation_config_prefix` functions calls `git config -l --show-origin` to find the path of a file to treat as belonging to the `git` installation. Affected versions of `gix-path` do not pass `-z`/`--null` to cause `git` to report literal paths (650a1b5cf25e086197cc55a68525a411e1c28031). Instead, to cover the occasional case that `git` outputs a quoted path, they attempt to parse the path by stripping the quotation marks: https://github.com/Byron/gitoxide/blob/1cfe577d461293879e91538dbc4bbfe01722e1e8/gix-path/src/env/git/mod.rs#L138-L142 The problem is that, when a path is quoted, it may change in substantial...

10 months ago

ghsa

Open in Source

#vulnerability #mac #windows #apple #ubuntu #git #perl #ssh

Online Sports Complex Booking System 1.0 Insecure Settings

Online Sports Complex Booking System version 1.0 suffers from an ignored default credential vulnerability.

10 months ago

Packet Storm

Open in Source