Tag
#windows
ECTouch v2 was discovered to contain a SQL injection vulnerability via the $arr['id'] parameter at \default\helpers\insert.php.
In yet another sign that developers continue to be targets of software supply chain attacks, a number of malicious packages have been discovered on the Rust programming language's crate registry. The libraries, uploaded between August 14 and 16, 2023, were published by a user named "amaperf," Phylum said in a report published last week. The names of the packages, now taken down, are as follows:
The components for Red Hat OpenShift support for Windows Containers 7.1.1 are now available. This product release includes bug fixes and security updates for the following packages: windows-machine-config-operator and windows-machine-config-operator-bundle. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-3676: A vulnerability was found in Kubernetes. This flaw allows a user who can create pods on Windows nodes to escalate to admin privileges on those nodes. * CVE-2023-...
SPA-Cart eCommerce CMS version 1.9.0.3 suffers from a remote SQL injection vulnerability.
SPA-Cart eCommerce CMS version 1.9.0.3 suffers from a cross site scripting vulnerability.
Horse Market Sell and Rent Portal Script version 1.5.7 suffers from a cross site scripting vulnerability.
Jorani version 1.0.3 suffers from a cross site scripting vulnerability.
HighPlus CMS version 0.1.3 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Hospital HMS version 2.7 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
Hospital HMS version 2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.