Tag
#sql
By Deeba Ahmed In this instance, the hackers were white hat; otherwise, things could have gone awry. This is a post from HackRead.com Read the original post: Hackers Uncover Airbus EFB App Vulnerability, Risking Aircraft Data
Hello everyone! It has been 3 months since the last episode. I spent most of this time improving my Vulristics project. So in this episode, let’s take a look at what’s been done. Alternative video link (for Russia): https://vk.com/video-149273431_456239139 Also, let’s take a look at the Microsoft Patch Tuesdays vulnerabilities, Linux Patch Wednesdays vulnerabilities and […]
Today we are releasing Grafana 8.3.1, 8.2.7, 8.1.8, 8.0.7. This patch release includes a high severity security fix that affects Grafana versions from v8.0.0-beta1 through v8.3.0. Release v8.3.1, only containing a security fix: - [Download Grafana 8.3.1](https://grafana.com/grafana/download/8.3.1) - [Release notes](https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-1/) Release v8.2.7, only containing a security fix: - [Download Grafana 8.2.7](https://grafana.com/grafana/download/8.2.7) - [Release notes](https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-2-7/) Release v8.1.8, only containing a security fix: - [Download Grafana 8.1.8](https://grafana.com/grafana/download/8.1.8) - [Release notes](https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-1-8/) Release v8.0.7, only containing a security fix: - [Download Grafana 8.0.7](https://grafana.com/grafana/download/8.0.7) - [Release notes](https://grafana.com/docs/grafana/lat...
Ubuntu Security Notice 6615-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.36 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
By Waqas Small businesses are faced with unique challenges in terms of data security. You don’t have the vast resources… This is a post from HackRead.com Read the original post: Approaching Complex Data Security for Small Businesses
CSZCMS version 1.3.0 suffers from a remote SQL injection vulnerability in the admin flows.
MiniZinc version 2.7.6 suffers from a null pointer vulnerability.
A critical security issue has been discovered in Vinchin Backup and Recovery version 7.2. The software has been found to use default MYSQL credentials, which could lead to significant security risks.
### Summary Dex 2.37.0 is serving HTTPS with insecure TLS 1.0 and TLS 1.1. ### Details While working on https://github.com/dexidp/dex/issues/2848 and implementing configurable TLS support, I noticed my changes did not have any effect in TLS config, so I started investigating. https://github.com/dexidp/dex/blob/70d7a2c7c1bb2646b1a540e49616cbc39622fb83/cmd/dex/serve.go#L425 is seemingly setting TLS 1.2 as minimum version, but the whole tlsConfig is ignored after "TLS cert reloader" was introduced in https://github.com/dexidp/dex/pull/2964. Configured cipher suites are not respected either, as seen on the output. ### PoC Build Dex, generate certs with `gencert.sh`, modify `config.dev.yaml` to run on https, using generated certs. ```console issuer: http://127.0.0.1:5556/dex storage: type: sqlite3 config: file: dex.db web: https: 127.0.0.1:5556 tlsCert: examples/k8s/ssl/cert.pem tlsKey: examples/k8s/ssl/key.pem <rest as default> ``` Run dex `bin/dex serve config.dev...
### Summary The application allows to create zip files from available files on the site. The parameter "selectedIds", is susceptible to SQL Injection. ### Details [downloadAsZipJobsAction](https://github.com/pimcore/admin-ui-classic-bundle/blob/1.x/src/Controller/Admin/Asset/AssetController.php#L2006) escape parameters, but [downloadAsZipAddFilesAction](https://github.com/pimcore/admin-ui-classic-bundle/blob/1.x/src/Controller/Admin/Asset/AssetController.php#L2087) not. The following code should be added: ``` foreach ($selectedIds as $selectedId) { if ($selectedId) { $quotedSelectedIds[] = $db->quote($selectedId); } } ``` ### PoC - Set up an example project as described on https://github.com/pimcore/demon (demo package with example content) - Log In. Grab the `X-pimcore-csrf-token` header from any request to the backend, as well as the `PHPSESSID` cookie. - Run the following script, substituting the values accordingly: ``` #!/bin/bash BASE_URL=http://local...