Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

A Sherlock Holmes Approach to Cybersecurity: Eliminate the Impossible with Exposure Validation

Sherlock Holmes is famous for his incredible ability to sort through mounds of information; he removes the irrelevant and exposes the hidden truth. His philosophy is plain yet brilliant: “When you have eliminated the impossible, whatever remains, however improbable, must be the truth.” Rather than following every lead, Holmes focuses on the details that are needed to move him to the solution. In

The Hacker News
Open in Source
#sql#vulnerability#web#ios#ssl#The Hacker News
GHSA-2mv8-jjm5-f3hr: SQL injection in funadmin

funadmin 5.0.2 is vulnerable to SQL Injection via the parentField parameter in the index method of \backend\controller\auth\Auth.php.

GHSA-h345-r48x-g68f: SQL injection in funadmin

funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click command mode plugin.

GHSA-6j8f-88mh-r9vq: SQL injection in funadmin

Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile.

GHSA-x2fr-vj74-5h35: SQL injection in funadmin

Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist.

GHSA-h4px-9vmp-p7pv: SQL injection in funadmin

Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list.

GHSA-9gw3-qr2f-3vg5: SQL injection in funadmin

Funadmin 5.0.2 is vulnerable to SQL Injection in curd/table/savefield.

GHSA-vw6x-c5rg-jmjp: SQL injection in funadmin

Funadmin v5.0.2 has an arbitrary file deletion vulnerability in /curd/index/delfile.

GHSA-5g66-93qv-565j: SQL injection in funadmin

Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/edit.