Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

CVE-2021-34248: Mobile Shop System 1.0 SQL Injection ≈ Packet Storm

SQL injection vulnerability in sourcecodester mobile-shop-system-php-mysql 1.0 allows remote attackers to log in via crafterdstring in the email field of the log in page.

CVE
Open in Source
#sql#vulnerability#windows#linux#php#auth#firefox
CVE-2021-34249: Offensive Security’s Exploit Database Archive

SQL injection vulnerability in sourcecodester online-book-store 1.0 allows remote attackers to view sensitive information via the id paremeter in application URL.

Simple Food Ordering System 1.0 Cross Site Scripting

Simple Food Ordering System version 1.0 suffers from a cross site scripting vulnerability.

Music Gallery Site 1.0 SQL Injection

Music Gallery Site version 1.0 suffers from multiple remote SQL injection vulnerabilities.

Music Gallery Site 1.0 Privilege Escalation / Missing Authentication

Music Gallery Site version 1.0 suffers from a missing authentication vulnerability that allows for privilege escalation.

Employee Task Management System 1.0 SQL Injection

Employee Task Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

Auto Dealer Management System 1.0 SQL Injection

Auto Dealer Management System version 1.0 suffers from multiple remote SQL injection vulnerabilities.

GHSA-f598-mfpv-gmfx: Sequelize - Default support for “raw attributes” when using parentheses

### Impact Sequelize 6.28.2 and prior has a dangerous feature where using parentheses in the attribute option would make Sequelize use the string as-is in the SQL ```ts User.findAll({ attributes: [ ['count(id)', 'count'] ] }); ``` Produced ```sql SELECT count(id) AS "count" FROM "users" ``` ### Patches This feature was deprecated in Sequelize 5, and using it prints a deprecation warning. This issue has been patched in [`@sequelize/core@7.0.0.alpha-20`](https://github.com/sequelize/sequelize/pull/15374) and [`sequelize@6.29.0`](https://github.com/sequelize/sequelize/pull/15710). In Sequelize 7, it now produces the following: ```sql SELECT "count(id)" AS "count" FROM "users" ``` In Sequelize 6, it throws an error explaining that we had to introduce a breaking change, and requires the user to explicitly opt-in to either the Sequelize 7 behavior (always escape) or the Sequelize 5 behavior (inline attributes that include `()` without escaping). See https://github.com/sequ...

CVE-2023-0586: PostSettings.php in all-in-one-seo-pack/tags/4.2.9/app/Common/Admin – WordPress Plugin Repository

The All in One SEO Pack plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions up to, and including, 4.2.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with Contributor+ role to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE-2023-0997: bug_report/SQLi-1.md at main · jidle123/bug_report

A vulnerability was found in SourceCodester Moosikay E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /Moosikay/order.php of the component POST Parameter Handler. The manipulation of the argument username leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221732.