Security
Headlines
HeadlinesLatestCVEs

Tag

#sql

Ubuntu Security Notice USN-5131-1

Ubuntu Security Notice 5131-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the browser UI, confuse the user, conduct phishing attacks, or execute arbitrary code. It was discovered that the 'Copy Image Link' context menu action would copy the final image URL after redirects. If a user were tricked into copying and pasting a link for an embedded image that triggered authentication flows back to the page, an attacker could potentially exploit this to steal authentication tokens. Various other issues were also addressed.

Packet Storm
Open in Source
#web#ubuntu#dos#vulnerability#git#red_hat#kubernetes#sql#vulnerability#web#ubuntu#dos
Red Hat Security Advisory 2021-4123-01

Red Hat Security Advisory 2021-4123-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.3.0 ESR. Issues addressed include bypass, spoofing, and use-after-free vulnerabilities.

Remote code execution, SQL injection bugs uncovered in Pentaho Business Analytics software

Penetration test reveals severe issues in Hitachi Vantara’s business solution

Human rights activists condemn mass denial of service as Sudan’s nationwide internet shutdown enters second week

‘All mobile internet networks are completely cut off,’ one journalist on the ground tells The Daily Swig

CVE-2021-41492: Multiple SQL injections in Sourcecodester Simple Cashiering System (POS)

Multiple SQL Injection vulnerabilities exist in Sourcecodester Simple Cashiering System (POS) 1.0 via the (1) Product Code in the pos page in cashiering. (2) id parameter in manage_products and the (3) t paramater in actions.php.

CVE-2020-18262: There is a SQL injection vulnerability in the page cposts.php · Issue #3 · chilin89117/ED01-CMS

ED01-CMS v1.0 was discovered to contain a SQL injection in the component cposts.php via the cid parameter.

CVE-2020-18263: SQL injection vulnerability in search.php · Issue #1 · harshitbansal373/PHP-CMS

PHP-CMS v1.0 was discovered to contain a SQL injection vulnerability in the component search.php via the search parameter. This vulnerability allows attackers to access sensitive database information.

CVE-2020-24000: There is SQL injection in your source code · Issue #13 · eyoucms/eyoucms

SQL Injection vulnerability in eyoucms cms v1.4.7, allows attackers to execute arbitrary code and disclose sensitive information, via the tid parameter to index.php.