Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2022-34590: bug_report/sql_injection.md at master · Renrao/bug_report

Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in /HMS/admin.php.

CVE
Open in Source
#sql#vulnerability#web#windows#apple#php#chrome#webkit
CVE-2022-34586: bug_report/sql_injection.md at master · Renrao/bug_report

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/student_grade_wise.php.

CVE-2022-34588: bug_report/sql_injection3.md at master · Renrao/bug_report

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/timetable_insert_form.php.

Google Adds Support for DNS-over-HTTP/3 in Android to Keep DNS Queries Private

Google on Tuesday officially announced support for DNS-over-HTTP/3 (DoH3) for Android devices as part of a Google Play system update designed to keep DNS queries private. To that end, Android smartphones running Android 11 and higher are expected to use DoH3 instead of DNS-over-TLS (DoT), which was incorporated into the mobile operating system with Android 9.0. DoH3 is also an alternative to

CVE-2022-24660: Cryptocurrency ASIC Miners – Security and Hacking Audit – James A. Chambers

The debug interface of Goldshell ASIC Miners v2.2.1 and below was discovered to be exposed publicly on the web interface, allowing attackers to access passwords and other sensitive information in plaintext.

CVE-2022-2491: CVEproject/Library-Management-System-with-QR-code-Attendance-and-Auto-Generate-Library-Card.md at main · xiahao90/CVEproject

A vulnerability has been found in SourceCodester Library Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file lab.php. The manipulation of the argument Section with the input 1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x71716b7171,0x546e4444736b7743575a666d4873746a6450616261527a67627944426946507245664143694c6a4c,0x7162706b71),NULL,NULL,NULL,NULL# leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2022-2492: CVEproject/Library-Management-System-with-QR-code-Attendance-and-Auto-Generate-Library-Card.md at main · xiahao90/CVEproject

A vulnerability was found in SourceCodester Library Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php. The manipulation of the argument RollNo with the input admin' AND (SELECT 2625 FROM (SELECT(SLEEP(5)))MdIL) AND 'KXmq'='KXmq&Password=1231312312 leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

Researchers Warn of New Variants of ChromeLoader Browser in the Wild

By Deeba Ahmed ChromeLoader malware is spread through pirated games, malicious QR codes, and cracked software that hijacks the victim’s web… This is a post from HackRead.com Read the original post: Researchers Warn of New Variants of ChromeLoader Browser in the Wild

CVE-2022-2467: CVEproject/Garage-Management-System.md at main · xiahao90/CVEproject

A vulnerability has been found in SourceCodester Garage Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument username with the input [email protected]' AND (SELECT 6427 FROM (SELECT(SLEEP(5)))LwLu) AND 'hsvT'='hsvT leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

CVE-2022-32387: Hotfixes

In Kentico before 13.0.66, attackers can achieve Denial of Service via a crafted request to the GetResource handler.