Tag

#firefox

CVE-2022-42242: bug_report/SQLi-2.md at main · aabbcc8997/bug_report

Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_booking.

CVE-2022-42241: bug_report/SQLi-3.md at main · aabbcc8997/bug_report

Simple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_message.

OnionPoison – Fake Tor Browser Installer Spreading Malware Via YouTube

By Waqas. Threat actors are using YouTube's video description feature to spread the fake Tor browser through a malicious website. This is a post from HackRead.com.

How to Perform a Free Ubuntu Vulnerability Scan with OpenSCAP and Canonical’s Official OVAL Content

Hello everyone! Five years ago I wrote a blogpost about OpenSCAP. But it was only about the SCAP Workbench GUI application and how to use it to detect security misconfigurations. Alternative video link (for Russia): https://vk.com/video-149273431_456239104 This time, I will install the OpenSCAP command line tool on Ubuntu and use it to check for vulnerabilities […]

TikTok's "secret operation" tracks you even if you don't use it

If you think TikTok is acting like Google or Meta when collecting data, you're not wrong. The post TikTok's "secret operation" tracks you even if you don't use it appeared first on Malwarebytes Labs.

Meet Plexus, An AI-based Browser Security Solution from LayerX

By Waqas. With the increasing use of the internet, browser security has become an important issue. Malware, phishing, and adware… This is a post from HackRead.com.

ZKSecurity BIO 3.0.5.0_R Privilege Escalation

ZKSecurity BIO version 3.0.5.0_R suffers from a privilege escalation vulnerability.

CVE-2022-40277: GitHub - laurent22/joplin: Joplin - an open source note taking and to-do application with synchronisation capabilities for Windows, macOS, Linux, Android and iOS.

Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin. This is possible because the application does not properly validate the schema/protocol of existing links in the markdown file before passing them to the 'shell.openExternal' function.

CVE-2022-41440: bug_report/SQLi-1.md at main · chi645190147/bug_report

Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/editcategory.php.

CVE-2022-41439: bug_report/SQLi-2.md at main · chi645190147/bug_report

Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/edituser.php.