Tag

#sql

CVE-2021-42663: GitHub - TheHackingRabbi/CVE-2021-42663: CVE-2021-42663 - HTML Injection vulnerability in the Online event booking and reservation system.

An HTML injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the msg parameter to /event-management/index.php. An attacker can leverage this vulnerability to change the visibility of the website. Once the target user clicks on a given link, their browser displays HTML content of the attacker's choice.

CVE-2021-42665: Engineers Online Portal in PHP with Free Source Code | Free Source Code, Projects & Tutorials

An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the login form inside of index.php, which can allow an attacker to bypass authentication.

CVE-2021-42662: GitHub - TheHackingRabbi/CVE-2021-42662: CVE-2021-42662 - Stored Cross-Site Scripting vulnerability in the Online event booking and reservation system.

A Stored Cross-Site Scripting (XSS) vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the Holiday reason parameter. An attacker can leverage this vulnerability to run JavaScript commands on behalf of users browsing the web server, which can lead to cookie stealing and more.

Opencart 3 Extension TMD Vendor System SQL Injection

Opencart 3 Extension TMD Vendor System suffers from a remote blind SQL injection vulnerability.

Ubuntu Security Notice USN-5131-1

Ubuntu Security Notice 5131-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the browser UI, confuse the user, conduct phishing attacks, or execute arbitrary code. It was discovered that the 'Copy Image Link' context menu action would copy the final image URL after redirects. If a user were tricked into copying and pasting a link for an embedded image that triggered authentication flows back to the page, an attacker could potentially exploit this to steal authentication tokens. Various other issues were also addressed.

Red Hat Security Advisory 2021-4123-01

Red Hat Security Advisory 2021-4123-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.3.0 ESR. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.

Remote code execution, SQL injection bugs uncovered in Pentaho Business Analytics software

Penetration test reveals severe issues in Hitachi Vantara’s business solution

Human rights activists condemn mass denial of service as Sudan’s nationwide internet shutdown enters second week

‘All mobile internet networks are completely cut off,’ one journalist on the ground tells The Daily Swig