Test Blog - Cloud WAF

CVE-2024-8923 : SERVICENOW NOW PLATFORM IMPROPER AUTHENTICATION

Description ServiceNow has addressed an input validation vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to remotely execute…

Common Vulnerabilities and Exposures

CVE-2024-49768 : PYLONS WAITRESS UP TO 3.0.0 ON PYTHON HTTP PIPELINING RECV_BYTES TOCTOU

Description Waitress is a Web Server Gateway Interface server for Python 2 and 3. A remote client may send a request that is exactly recv_bytes…

Common Vulnerabilities and Exposures

CVE-2024-6674 : PARISNEO LOLLMS-WEBUI UP TO 9.8 PRIVATE API KEY ORIGIN VALIDATION

Description A CORS misconfiguration in parisneo/lollms-webui prior to version 10 allows attackers to steal sensitive information such as logs, browser sessions, and settings containing private…

Learning Web Application Firewall

What is AI-Driven SOC?

An AI-powered Security Operations Center (SOC) represents a revolutionary change in the way organizations manage cybersecurity. By combining artificial intelligence (AI) and machine learning (ML)…

Common Vulnerabilities and Exposures

CVE-2024-47821 : PYLOAD UP TO 0.5.0B3.DEV86/ .PYLOAD/SCRIPTS OS COMMAND INJECTION

Description pyLoad is a free and open-source Download Manager. The folder `/.pyload/scripts` has scripts which are run when certain actions are completed, for e.g. a…

Common Vulnerabilities and Exposures

CVE-2024-48581 : SOURCECODESTER BEST COURIER MANAGEMENT SYSTEM 1.0 ADMIN_CLASS.PHP UNRESTRICTED UPLOAD

Description File Upload vulnerability in Best courier management system in php v.1.0 allows a remote attacker to execute arbitrary code via the admin_class.php component. References…