
Tag

#sql

Best Courier Management System 1.0 SQL Injection

Best Courier Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Packet Storm
#sql #vulnerability #windows #google #php #auth #firefox
Caterease Software SQL Injection / Command Injection / Bypass

This is the official vulnerability disclosure report by jTag Labs for CVE-2024-38881 through CVE-2024-38891. This report details critical security vulnerabilities found within Caterease Software, a product of Horizon Business Services Inc. These vulnerabilities have significant implications for the confidentiality, integrity, and availability of the software and the sensitive data it handles. The issues include remote SQL injection, command injection, authentication bypass, hard-coded credentials, and more.

Tourism Management System 2.0 Cross Site Scripting

Tourism Management System version 2.0 suffers from a cross site scripting vulnerability.

Computer Laboratory Management System 1.0 Privilege Escalation

Computer Laboratory Management System version 1.0 suffers from an incorrect access control vulnerability that allows for privilege escalation.

Leads Manager Tool SQL Injection / Cross Site Scripting

Leads Manager Tool suffers from remote SQL injection and cross site scripting vulnerabilities.

ReadyMade Unilevel Ecommerce MLM Blind SQL Injection / Cross Site Scripting

Readymade Unilevel Ecommerce MLM suffers from remote blind SQL injection and cross site scripting vulnerabilities. These issues affected the version released as late as March 15, 2024.

AccPack Buzz 1.0 SQL Injection

AccPack Buzz version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Readymade Real Estate Script SQL Injection / Cross Site Scripting

Readymade Real Estate Script suffers from remote blind SQL injection and cross site scripting vulnerabilities.

Ubuntu Security Notice USN-6934-1

Ubuntu Security Notice 6934-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.39 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

SchoolPlus LMS 1.0 SQL Injection

SchoolPlus LMS version 1.0 suffers from a remote SQL injection vulnerability.