all InfoSec news
Karros Technologies Authentication Bypass
April 19, 2024, 12:32 p.m. | Jimi Sebree
Tenable Research Advisories www.tenable.com
Researchers within Tenable have discovered security-related issues regarding the email verification process used by Karrostech’s hosted services. Karrostech (aka Karros Technologies) is a fleet management provider for student transportation systems and services.
While reviewing issues discovered in Edulog (https://tenable.com/security/research/tra-2023-41), Tenable researchers discovered a bypass to the email verification process in place that allowed access to portions of Karrostech’s infrastructure. This bypass ultimately allowed researchers to access potentially sensitive information and access internal administrative dashboards. …
More from www.tenable.com / Tenable Research Advisories
Cross-Site Scripting in WordPress RSS Aggregator Plugin
4 days, 20 hours ago |
www.tenable.com
Solidus Stored Cross-Site Scripting
4 days, 21 hours ago |
www.tenable.com
Delta Electronics DIAEnergie CEBC.exe Multiple Vulnerabilities
1 week, 5 days ago |
www.tenable.com
Approach.App Multiple Vulnerabilities
4 weeks, 1 day ago |
www.tenable.com
Path Traversal Affecting Multiple CData Products
1 month, 1 week ago |
www.tenable.com
LG LED Assistant v2.1.65 Multiple Vulnerabilities
1 month, 2 weeks ago |
www.tenable.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Sr. Staff Firmware Engineer – Networking & Firewall
@ Axiado | Bengaluru, India
Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)
@ SAP | Walldorf, DE, 69190
SAP Security Administrator
@ FARO Technologies | EMEA-Portugal