CVE-2024-53855 - API Ticket Data Leakage in Centurion ERP – Exploit, Details, and Solutions
In June 2024, a security vulnerability was found in Centurion ERP, a popular open-source IT management tool focused on IT Service Management (ITSM) modules. This
CVE-2024-42330 - Exploiting HttpRequest Object’s Header Handling for Prototype Pollution in JavaScript
In June 2024, CVE-2024-42330 shed light on a subtle but powerful security flaw involving the HttpRequest object in common JavaScript libraries and environments. The vulnerability
CVE-2024-42331 - Understanding the Use-After-Free Bug in Zabbix’s Duktape Integration
On June 2024, a critical security vulnerability was disclosed in Zabbix, an enterprise-grade open source monitoring tool. This bug, CVE-2024-42331, centers on a use-after-free error
CVE-2024-42327 - Zabbix API SQL Injection Exploit in CUser.get – How Any API User Can Hack Your Database
---
Introduction
Yet another major security hole has been found in the world of network monitoring—this time in Zabbix, the popular open-source platform used
CVE-2024-36467 - How Authenticated API Users Can Escalate Privileges in Zabbix (Risk & Exploit Explained)
Zabbix is a popular, open-source monitoring platform widely used in IT environments. On June 2024, a critical security vulnerability—CVE-2024-36467—was disclosed. Simply put, if
Episode
00:00:00
00:00:00