Security
Headlines
HeadlinesLatestCVEs

Tag

#chrome

CVE-2022-29664: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #23 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/type/pl_save.

CVE
Open in Source
#sql#vulnerability#web#windows#apple#js#java#php#chrome#webkit
CVE-2022-29665: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #19 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/news/admin/topic/save.

CVE-2022-29666: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #24 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the id parameter at /admin.php/pic/admin/lists/zhuan.

CVE-2022-29667: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #26 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted photos.

CVE-2022-29681: SQL injection vulnerability exists in Cscms music portal system v4.2 · Issue #35 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/Links/del.

CVE-2022-29687: SQL injection vulnerability exists in Cscms music portal system v4.2 (Discovered by 星海Lab) · Issue #30 · chshcms/cscms

CSCMS Music Portal System v4.2 was discovered to contain a blind SQL injection vulnerability via the id parameter at /admin.php/user/level_del.

CVE-2022-1664: [SECURITY] [DSA 5147-1] dpkg security update

Dpkg::Source::Archive in dpkg, the Debian package management system, before version 1.21.8, 1.20.10, 1.19.8, 1.18.26 is prone to a directory traversal vulnerability. When extracting untrusted source packages in v2 and v3 source package formats that include a debian.tar, the in-place extraction can lead to directory traversal situations on specially crafted orig.tar and debian.tar tarballs.

ChromeLoader targets Chrome Browser users with malicious ISO files

ChromeLoader is working its way into Chrome browsers via ISO images claiming to offer cracked games. What are the dangers? The post ChromeLoader targets Chrome Browser users with malicious ISO files appeared first on Malwarebytes Labs.

Experts Warn of Rise in ChromeLoader Malware Hijacking Users' Browsers

A malvertising threat is witnessing a new surge in activity since its emergence earlier this year. Dubbed ChromeLoader, the malware is a "pervasive and persistent browser hijacker that modifies its victims' browser settings and redirects user traffic to advertisement websites," Aedan Russell of Red Canary said in a new report. ChromeLoader is a rogue Chrome browser extension and is typically

Hackers Increasingly Using Browser Automation Frameworks for Malicious Activities

Cybersecurity researchers are calling attention to a free-to-use browser automation framework that's being increasingly used by threat actors as part of their attack campaigns. "The framework contains numerous features which we assess may be utilized in the enablement of malicious activities," researchers from Team Cymru said in a new report published Wednesday. "The technical entry bar for the