Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

Backdoor.Win32.Optix.03.b Code Execution

Backdoor.Win32.Optix.03.b malware suffers from a code execution vulnerability.

Packet Storm
Open in Source
#sql#web#vulnerability#red_hat#web#vulnerability#vulnerability#red_hat#vulnerability#vulnerability#vulnerability#vulnerability#vulnerability#web#vulnerability#red_hat#sql#vulnerability#vulnerability#vulnerability#vulnerability#red_hat#web#java#vulnerability#vulnerability
CVE-2021-42668: Engineers Online Portal in PHP with Free Source Code | Free Source Code, Projects & Tutorials

A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter in the my_classmates.php web page.. As a result, an attacker can extract sensitive data from the web server and in some cases can use this vulnerability in order to get a remote code execution on the remote web server.

CVE-2021-42666: Engineers Online Portal in PHP with Free Source Code | Free Source Code, Projects & Tutorials

A SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to quiz_question.php, which could let a malicious user extract sensitive data from the web server and in some cases use this vulnerability in order to get a remote code execution on the remote web server.

CVE-2021-42670: GitHub - TheHackingRabbi/CVE-2021-42670: CVE-2021-42670 - SQL Injection vulnerability in the Engineers online portal system.

A SQL injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the id parameter to the announcements_student.php web page. As a result a malicious user can extract sensitive data from the web server and in some cases use this vulnerability in order to get a remote code execution on the remote web server.

CVE-2021-42667: GitHub - TheHackingRabbi/CVE-2021-42667: CVE-2021-42667 - SQL Injection vulnerability in the Online event booking and reservation system.

A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP in event-management/views. An attacker can leverage this vulnerability in order to manipulate the sql query performed. As a result he can extract sensitive data from the web server and in some cases he can use this vulnerability in order to get a remote code execution on the remote web server.

CVE-2021-42663: GitHub - TheHackingRabbi/CVE-2021-42663: CVE-2021-42663 - HTML Injection vulnerability in the Online event booking and reservation system.

An HTML injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the msg parameter to /event-management/index.php. An attacker can leverage this vulnerability in order to change the visibility of the website. Once the target user clicks on a given link he will display the content of the HTML code of the attacker's choice.

CVE-2021-42665: Engineers Online Portal in PHP with Free Source Code | Free Source Code, Projects & Tutorials

An SQL Injection vulnerability exists in Sourcecodester Engineers Online Portal in PHP via the login form inside of index.php, which can allow an attacker to bypass authentication.

CVE-2021-42662: GitHub - TheHackingRabbi/CVE-2021-42662: CVE-2021-42662 - Stored Cross-Site Scripting vulnerability in the Online event booking and reservation system.

A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the Holiday reason parameter. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to cookie stealing and more.

Opencart 3 Extension TMD Vendor System SQL Injection

Opencart 3 Extension TMD Vendor System suffers from a remote blind SQL injection vulnerability.