Tag
#sql
An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff within the GitHub pull request UI. To do so, an attacker would need write access to the repository. This vulnerability affected GitHub Enterprise Server versions 3.7.0 and above and was fixed in versions 3.7.9, 3.8.2, and 3.9.1. This vulnerability was reported via the GitHub Bug Bounty program.
A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the website title field.
### Summary

Unsafe plugins (for instance `sql-list`) can be installed in subdomain tenants via pack import even if unsafe plugin installation for tenants is disabled.

### Details

I have an example: https://bot20230704.saltcorn.com/view/all_plugins

It's publicly accessible (but has not-so-secure values except the list of tenants). But using this mechanism one can read **any** data from other tenants.

### Impact

All tenants of the installation (i.e. `saltcorn.com`) can be compromised from a tenant where a user has admin access. If an untrusted user has admin rights to a tenant instance, they will be able to install a plug-in that can access information from other tenants.
A cross-site scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL 1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the team name, leader, and member fields.
xForUp Simple File Uploader version 1.0 suffers from a remote SQL injection vulnerability.
B-OBEC version V.092019 suffers from a remote SQL injection vulnerability.
BMIT BMS version 2.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
AMSS++ version 5.21.09 suffers from a remote SQL injection vulnerability.
AMS Logistics version 2.2 suffers from a remote SQL injection vulnerability.
Aicte India LMS version 3.0 suffers from a remote SQL injection vulnerability.