#auth

CISA has added CVE-2024-40766 to its Known Exploited Vulnerabilities catalog.

Though the company reports that data was exfiltrated in the breach, it has been remained tightlipped regarding the kind of data that was exposed.

By having specific DDL permissions set in Oracle 19c, you can bypass access restrictions normally in place for VPD (virtual private database).

PPDB version 2.4-update 6118-1 suffers from a remote blind SQL injection vulnerability.

POMS version 1.0 suffers from an ignored default credential vulnerability.

Pharmacy Management System version version 1.0 suffers from an ignored default credential vulnerability.

PDF Generator Web Application version 1.0 suffers from an ignored default credential vulnerability.

Park Ticketing Project version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Online Travel Agency System version 1.0 suffers from an ignored default credential vulnerability.

Online Tours and Travels Management System version 1.0 suffers from an ignored default credential vulnerability.