Tag

#firefox

CVE-2022-32344: bug_report/SQLi-10.md at main · k0xx11/bug_report

Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/classes/Master.php?f=delete_patient.

CVE-2022-32332: bug_report/SQLi-1.md at main · k0xx11/bug_report

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_category.

CVE-2022-32333: bug_report/SQLi-3.md at main · k0xx11/bug_report

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/sales/receipt.php?id=.

CVE-2022-32328: bug_report/delet-file-1.md at main · k0xx11/bug_report

Fast Food Ordering System v1.0 is vulnerable to deletion of any file via /ffos/classes/Master.php?f=delete_img.

CVE-2022-32330: bug_report/SQLi-2.md at main · k0xx11/bug_report

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/classes/Master.php?f=delete_menu.

CVE-2022-32334: bug_report/SQLi-5.md at main · k0xx11/bug_report

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/categories/manage_category.php?id=.

CVE-2022-32336: bug_report/SQLi-6.md at main · k0xx11/bug_report

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/view_menu.php?id=.

CVE-2021-40678: Persistent Cross Site Scripting in Batch Manager(version:11.5.0) · Issue #1476 · Piwigo/Piwigo

In Piwigo 11.5.0, there exists a persistent cross-site scripting vulnerability in the single mode function through /admin.php?page=batch_manager&mode=unit.

CVE-2021-40604: 4.6.2

A Server-Side Request Forgery (SSRF) vulnerability in IPS Community Suite before 4.6.2 allows remote authenticated users to request arbitrary URLs or trigger deserialization via the phar protocol when generating class names dynamically. In some cases, exploitation is possible by an unauthenticated user.

Taking down the IP2Scam tech support campaign

Tech support scams follow a simple business model that has not changed much over the years. After all, why change a recipe that continues to yield large profits? We see countless such campaigns and block them indiscriminately to protect our customers from being defrauded by a fraudulent tech support agent over the phone. Every now... The post Taking down the IP2Scam tech support campaign appeared first on Malwarebytes Labs.