Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

Hospital Management System 1.0 Cross Site Scripting

Hospital Management System version 1.0 suffers from a persistent cross site scripting vulnerability.

Packet Storm
#sql#xss#vulnerability#windows#google#git#java#php#auth
Ubuntu Security Notice USN-6720-1

Ubuntu Security Notice 6720-1 - Kentaro Kawane discovered that Cacti incorrectly handled user provided input sent through request parameters to the graph_view.php script. A remote authenticated attacker could use this issue to perform SQL injection attacks.

E-Insurance 1.0 Cross Site Scripting

E-Insurance version 1.0 suffers from a persistent cross site scripting vulnerability.

Daily Habit Tracker 1.0 Broken Access Control

Daily Habit Tracker version 1.0 suffers from an access control vulnerability.

Daily Habit Tracker 1.0 SQL Injection

Daily Habit Tracker version 1.0 suffers from a remote SQL injection vulnerability.

Daily Habit Tracker 1.0 Cross Site Scripting

Daily Habit Tracker version 1.0 suffers from a persistent cross site scripting vulnerability.

Employee Management System 1.0 SQL Injection

Employee Management System version 1.0 suffers from additional remote SQL injection vulnerabilities. Original discovery of this finding is attributed to Ozlem Balci in January of 2024.

OpenCart Core 4.0.2.3 SQL Injection

OpenCart Core version 4.0.2.3 suffers from a remote SQL injection vulnerability.

Online Hotel Booking In PHP 1.0 SQL Injection

Online Hotel Booking in PHP version 1.0 suffers from a remote blind SQL injection vulnerability.

Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution

The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.0), came to light last week when Microsoft engineer and PostgreSQL developer Andres Freund