#sql

Best Courier Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

This is the official vulnerability disclosure report for CVEs CVE-2024-38881 through CVE-2024-38891 by jTag Labs. This report details critical security vulnerabilities found within Caterease Software, a product of Horizon Business Services Inc. These vulnerabilities have significant implications for the confidentiality, integrity, and availability of the software and the sensitive data it handles. The issues include problems like remote SQL injection, command injection, authentication bypass, hard-coded credentials, and more.

Tourism Management System version 2.0 suffers from a cross site scripting vulnerability.

Computer Laboratory Management System version 1.0 suffers from an incorrect access control that allows for privilege escalation.

Leads Manager Tool suffers from remote SQL injection and cross site scripting vulnerabilities.

Readymade Unilevel Ecommerce MLM suffers from remote blind SQL injection and cross site scripting vulnerabilities. These issues affected the version released as late as March 15, 2024.

AccPack Buzz version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Readymade Real Estate Script suffers from remote blind SQL injection and cross site scripting vulnerabilities.

Ubuntu Security Notice 6934-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.39 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

SchoolPlus LMS version 1.0 suffers from a remote SQL injection vulnerability.