2024 – TNT Sécurité

Archives de l'Année

1
2
3
4
5	2 Articles archivés
6
7
8
9
10
11
12

Your Information:

Your IP: 2600:1f28:365:80b0:cbc1:129d:90f2:afdf

Country: United States

Flag:

Region: VA

City: Ashburn

Browser: Unknown

System: Unknown OS Platform
Login
Outils

Swiss Army Suite (SAS) | 9.35 MB
Télécharger

Mango Keywords 3.4.1 | 25.26 MB
Télécharger

Dork Searcher V3 | 64.46 MB
Télécharger

Magic Dork V3.4.5 | 14.59 MB
Télécharger

SQLi Dorks Generator | 1.62 MB
Télécharger

SQLi Dumper 10.5 | 31.46 KB
Télécharger

Scan Now UPnP | 5.91 MB
ScanNowUPnP
Microsoft Office Pro 2024
Windows 11 Téléchargez le .ISO
Darwbeb avec Tails
Articles parlant de Metasploit
L’exploit KRACK affecte tous les périphériques Wi-Fi
Windows 10 Téléchargez le .ISO
Vulnérabilité DNS
Indésirable bloqué

0 indésirable bloqué par Akismet
Vitesse de connexion
Catégories

Cracking Différentes attaques Divers Encryption routeur Failles de sécurités Information Metasploit Microsoft Protection
Archives

TNT Hacking World
Articles récents
Search for:
Exploit Database
Common Vulnerability Database
- CVE-2026-33141 10 avril 2026
  Medium Severity Description Chamilo LMS is a learning management system. Prior to 2.0.0-RC.3, an Insecure Direct Object Reference (IDOR) vulnerability in the REST API stats endpoint allows any authenticated user (including low-privilege students with ROLE_USER) to read any other user's learning progress, certificates, and gradebook scores for any course, without enrollment or supervisory relationship. This […]
- CVE-2026-32892 10 avril 2026
  Critical Severity Description Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an OS Command Injection vulnerability in the file move function. The move() function in fileManage.lib.php passes user-controlled path values directly into exec() shell commands without using escapeshellarg(). When a user moves a document via document.php, the move_to […]
- CVE-2026-1502 10 avril 2026
  Medium Severity Description CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host. Read more at https://www.tenable.com/cve/CVE-2026-1502
- CVE-2026-32932 10 avril 2026
  Medium Severity Description Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an Open Redirect vulnerability in the session course edit page allows an attacker to redirect an authenticated administrator to an arbitrary external URL after saving coach assignment changes. The redirect also leaks the id_session parameter to the attacker's server. This […]
- CVE-2026-32931 10 avril 2026
  High Severity Description Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, an unrestricted file upload vulnerability in the exercise sound upload function allows an authenticated teacher to upload a PHP webshell by spoofing the Content-Type header to audio/mpeg. The uploaded file retains its original .php extension and is placed in a […]
Bugtraq
- SEC Consult SA-20260401-0 :: Broken Access Control in Open WebUI 3 avril 2026
  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 02SEC Consult Vulnerability Lab Security Advisory < 20260401-0 > ======================================================================= title: Broken Access Control product: Open WebUI vulnerable version:
- SEC Consult SA-20260326-0 :: Local Privilege Escalation in Vienna Assistant (MacOS) - Vienna Symphonic Library 3 avril 2026
  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 02SEC Consult Vulnerability Lab Security Advisory < 20260326-0 > ======================================================================= title: Local Privilege Escalation product: Vienna Assistant (MacOS) - Vienna Symphonic Library vulnerable version: 1.2.542 fixed version: - CVE number: CVE-2026-24068 impact: high homepage:https://www.vsl.co.at/ ...
- Apple OHTTP Relay: 14 Third-Party Endpoints, 6 Countries, Zero User Visibility 3 avril 2026
  Posted by Joseph Goydish II via Fulldisclosure on Apr 02SUMMARY Apple's Oblivious HTTP relay for Live Caller ID Lookup (iOS 18+) routes traffic through 14 third-party endpoints across six countries. These include an anonymous Delaware LLC sharing data with OpenAI, a Russian endpoint (Yandex), and a Swiss GmbH whose privacy policy names "The Legal Entity […]
- [KIS-2026-06] MetInfo CMS <= 8.1 (weixinreply.class.php) PHP Code Injection Vulnerability 3 avril 2026
  Posted by Egidio Romano on Apr 02--------------------------------------------------------------------------- MetInfo CMS
- [CVE-2026-33691] OWASP CRS whitespace padding bypass vulnerability 3 avril 2026
  Posted by cyber security on Apr 02A vulnerability was identified in OWASP CRS where whitespace padding in filenames can bypass file upload extension checks, allowing uploads of dangerous files such as .php, .phar, .jsp, and .jspx. This issue has been assigned CVE‑2026‑33691. Impact: Attackers may evade CRS protections and upload web shells disguised with whitespace‑padded […]