#sql

A vulnerability was found in KB Affiliate Referral Script 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

A vulnerability has been found in KB Messages PHP Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

A vulnerability was found in KB Login Authentication Script 1.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

July's Patch Tuesday gives us a lot of important security updates. Most prominently, a known to be exploited vulnerability in Windows CSRSS. The post Update now—July Patch Tuesday patches include fix for exploited zero-day appeared first on Malwarebytes Labs.

A SQL injection issue was discovered in the lux extension before 17.6.1, and 18.x through 24.x before 24.0.2, for TYPO3.

```php <?php namespace My\App; use CuyZ\Valinor\Mapper\MappingError; use CuyZ\Valinor\Mapper\Tree\Node; use CuyZ\Valinor\Mapper\Tree\NodeTraverser; use CuyZ\Valinor\MapperBuilder; require_once __DIR__ . '/Valinor/vendor/autoload.php'; final class Money { private function __construct(public readonly string $amount) { } public static function fromString(string $money): self { if (1 !== \preg_match('/^\d+ [A-Z]{3}$/', $money)) { throw new \InvalidArgumentException(\sprintf('Given "%s" is not a recognized monetary amount', $money)); } return new self($money); } } class Foo { public function __construct( private readonly Money $a, private readonly Money $b, private readonly Money $c, ) {} } $mapper = (new MapperBuilder()) ->registerConstructor([Money::class, 'fromString']) ->mapper(); try { var_dump($mapper->map(Foo::class, [ 'a' => 'HAHA', 'b' => '100 EUR...

The seminars (aka Seminar Manager) extension through 4.1.3 for TYPO3 allows SQL Injection.

The oelib (aka One is Enough Library) extension through 4.1.5 for TYPO3 allows SQL Injection.

SAP Busines Objects Business Intelligence Platform (Visual Difference Application) - versions 420, 430, allows an authenticated attacker who has access to BI admin console to send crafted queries and extract data from the SQL backend. On successful exploitation, the attacker can cause limited impact on confidentiality and integrity of the application

When serialized columns that use YAML (the default) are deserialized, Rails uses YAML.unsafe_load to convert the YAML data in to Ruby objects. If an attacker can manipulate data in the database (via means like SQL injection), then it may be possible for the attacker to escalate to an RCE. There are no feasible workarounds for this issue, but other coders (such as JSON) are not impacted.