
Tag

#sql

PrestaShop warns of vulnerability: Update your stores now!

We take a look at a security advisory from PrestaShop which warns of compromised stores and redirected payment data. The post PrestaShop warns of vulnerability: Update your stores now! appeared first on Malwarebytes Labs.

Malwarebytes
#sql #vulnerability #web #php
CVE-2022-34594: bug_report/XSS-1.md at master · gitgeniuss/bug_report

Advanced School Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component ip/school/moudel/update_subject.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit Subject text field.

SonicWall urges customers to patch critical SQL injection bug ASAP

SonicWall GMS and Analytics are vulnerable to an SQL injection bug, tracked as CVE-2022-22280. The post SonicWall urges customers to patch critical SQL injection bug ASAP appeared first on Malwarebytes Labs.

Hospital Information System 1.0 SQL Injection

Hospital Information System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

Garage Management System 1.0 Shell Upload

Garage Management System version 1.0 suffers from a remote shell upload vulnerability.

Expert X Jobs Portal And Resume Builder 1.0 SQL Injection

Expert X Jobs Portal and Resume Builder version 1.0 suffers from a remote SQL injection vulnerability.

RHSA-2022:5719: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2022-31107: grafana: OAuth account takeover

RHSA-2022:5720: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: CVE-2022-31107: grafana: OAuth account takeover

CVE-2022-31879: CVE-nu11secur1ty/vendors/oretnom23/2022/Online-Fire-Reporting at main · nu11secur1ty/CVE-nu11secur1ty

Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter.

CVE-2022-34067: CVE-nu11secur1ty/vendors/oretnom23/2022/Warehouse-Management-System at main · nu11secur1ty/CVE-nu11secur1ty

Warehouse Management System v1.0 was discovered to contain a SQL injection vulnerability via the cari parameter.