A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. This could result in the disclosure of info
A researcher at Tenable has discovered an issue that enables limited, unauthorized access to cross-tenant applications and sensitive data (including but not limited to authentication secrets). Background The issue occurred as a result of insufficient access control to Azure Function hosts, which are launched as part of the creation and operation of custom connectors in Microsoft’s Power Platform (Power Apps, Power Automation).
Last week, Senator Ron Wyden sent a letter to the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Justice and the Federal Trade Commission (FTC) asking that they hold Microsoft accountable for a repeated pattern of negligent cybersecurity practices, which has enabled Chine
Paid Memberships Pro : CVE-2023-23488 - Unauthenticated SQL Injection
Easy Digital Downloads: CVE-2023-23489 - Unauthenticated SQL Injection
Survey Maker: CVE-2023-23490 - Authenticated SQL Injection