Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

Teacher Subject Allocation Management System 1.0 Cross Site Scripting

Teacher Subject Allocation Management System version 1.0 suffers from a cross site scripting vulnerability.

Packet Storm
#sql#xss#vulnerability#windows#google#php#auth#firefox
GHSA-58vj-cv5w-v4v6: Navidrome has Multiple SQL Injections and ORM Leak

# Security Advisory: Multiple Vulnerabilities in Navidrome ## Summary Navidrome automatically adds parameters in the URL to SQL queries. This can be exploited to access information by adding parameters like `password=...` in the URL (ORM Leak). Furthermore, the names of the parameters are not properly escaped, leading to SQL Injections. Finally, the username is used in a `LIKE` statement, allowing people to log in with `%` instead of their username. ## Details ### ORM Leak When adding parameters to the URL, they are automatically included in an SQL `LIKE` statement (depending on the parameter's name). This allows attackers to potentially retrieve arbitrary information. For example, attackers can use the following request to test whether some encrypted passwords start with `AAA`: ``` GET /api/user?_end=36&_order=DESC&password=AAA% ``` This results in an SQL query like `password LIKE 'AAA%'`, allowing attackers to slowly brute-force passwords. (Also, any reason for using encryp...

Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms

Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. "Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s default credentials," the cybersecurity company said. Targets of the emerging threat include plumbing, HVAC (heating,

WordPress LMS 4.2.7 SQL Injection

WordPress LMS plugin versions 4.2.7 and below suffer from a remote SQL injection vulnerability.

Contractor Software Targeted via Microsoft SQL Server Loophole

By accessing the MSSQL, threat actors gain admin-level access to the application, allowing them to automate their attacks.

GHSA-g4r7-86gm-pgqc: sqlitedict insecure deserialization vulnerability

Insecure deserialization in sqlitedict up to v2.1.0 allows attackers to execute arbitrary code.

Online Bus Ticket Booking Website 1.0 SQL Injection

Online Bus Ticket Booking Website version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Nipah Virus Testing Management System 1.0 SQL Injection

Nipah Virus Testing Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Membership Management System 1.1 SQL Injection

Membership Management System version 1.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Furniture Master 2 SQL Injection

Furniture Master version 2 suffers from a remote SQL injection vulnerability.