
Tag

#sql

CVE-2022-44580: WordPress Plugin for Google Reviews plugin <= 2.2.3 - Auth. SQL Injection (SQLi) vulnerability - Patchstack

SQL Injection (SQLi) vulnerability in the RichPlugins Plugin for Google Reviews plugin, versions <= 2.2.3.

Debian Security Advisory 5373-1

Debian Linux Security Advisory 5373-1 - Dave McDaniel discovered that the SQLite3 bindings for Node.js were susceptible to the execution of arbitrary JavaScript code if a binding parameter is a crafted object.

Oracle DB Broken PDB Isolation / Metadata Exposure

Proof of concept details for Oracle database versions 12.1.0.2, 12.2.0.1, 18c, and 19c that had a PDB isolation vulnerability allowing viewing of metadata for a different database within the same container.

CVE-2023-24728: CVE/CVE-2023-24728.txt at main · rahulpatwari/CVE

Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the contact parameter in the user profile update function.

CVE-2023-24726: CVE/CVE-2023-24726.txt at main · rahulpatwari/CVE

Art Gallery Management System v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter on the enquiry page.

CVE-2023-24729: CVE/CVE-2023-24729.txt at main · rahulpatwari/CVE

Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the address parameter in the user profile update function.

CVE-2023-1407

A vulnerability classified as critical was found in SourceCodester Student Study Center Desk Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/user/manage_user.php. The manipulation of the argument id leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223111.

From Power Plants to eWallets: The role of ZTNA in the gig economy

By Mor Ahuvia - SASE Solution Expert, Check Point Software. The pandemic. A growing gig economy. Rounds of layoffs across industries. It’s no wonder the workforce looks nothing… This is a post from HackRead.com.

CVE-2023-25206

PrestaShop ws_productreviews < 3.6.2 is vulnerable to SQL Injection.

CVE-2023-27073: Online Food Ordering System Project in PHP | Projectworlds

A Cross-Site Request Forgery (CSRF) in Online Food Ordering System v1.0 allows attackers to change user details and credentials via a crafted POST request.