Tag: #php

SolarMarker Attack Leverages Weak WordPress Sites, Fake Chrome Browser Updates

The SolarMarker group is exploiting a vulnerable WordPress-run website to encourage victims to download fake Chrome browser updates, part of a new tactic in its watering-hole attacks.

DARKReading
CVE-2022-37461: Trustwave Security Advisories

Multiple cross-site scripting (XSS) vulnerabilities in Canon Medical Vitrea View 7.x before 7.7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the input after the error subdirectory to the /vitrea-view/error/ subdirectory, or the (2) groupID, (3) offset, or (4) limit parameter to an Administrative Panel (Group and Users) page. There is a risk of an attacker retrieving patient information.

GHSA-52m2-vc4m-jj33: Twig may load a template outside a configured directory when using the filesystem loader

Description: When using the filesystem loader to load templates whose name is a user input, it is possible to use the `source` or `include` statement to read arbitrary files from outside the templates directory by using a namespace like `@somewhere/../some.file` (in such a case, validation is bypassed).

Resolution: We fixed validation for such template names. Even though the 1.x branch is no longer maintained, a new version has been released.

Credits: We would like to thank Dariusz Tytko for reporting the issue and Fabien Potencier for fixing the issue.

qdPM 9.1 Authenticated Shell Upload

A remote code execution vulnerability exists in qdPM versions 9.1 and below. An attacker can upload a malicious PHP code file via the profile photo functionality by leveraging a path traversal vulnerability in the users['photop_preview'] delete photo feature, thus allowing bypass of the .htaccess protection. NOTE: this issue exists because of an incomplete fix for CVE-2015-3884.

Joomla AdsManager 3.2.0 SQL Injection

Joomla AdsManager extension version 3.2.0 suffers from a remote SQL injection vulnerability.

Online Examination System 1.0 SQL Injection

Online Examination System version 1.0 suffers from a remote SQL injection vulnerability.

Joomla EDocman 1.23.3 Cross Site Scripting

Joomla EDocman extension version 1.23.3 suffers from a cross site scripting vulnerability.