Headline
CVE-2021-42169: CVE-nu11secur1ty/vendors/oretnom23/CVE-nu11-21-100521 at main · nu11secur1ty/CVE-nu11secur1ty
The Simple Payroll System with Dynamic Tax Bracket in PHP using SQLite Free Source Code (by oretnom23) is vulnerable to remote SQL injection that bypasses authentication for the admin account. The username parameter of the login form is not protected correctly: its input is not escaped or otherwise secured against malicious payloads.
Related news
CVE-2021-20264: 1932283 – (CVE-2021-20264) CVE-2021-20264 containers/openjdk: /etc/passwd is given incorrect privileges
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confidentiality and integrity, as well as system availability.