Tag
#Web Security
32 published stories tagged with Web Security.
Defender Guidance: Vvveb Cron Controller Information Disclosure Exposes Secret Cron Key
Vvveb before 1.0.8.2 contains an information disclosure vulnerability in the cron controller that can expose the application secret cron key to unauthenticated attackers.
Detection Notes: Vvveb Cron Controller Information Disclosure Exposes Secret Cron Key
Vvveb before 1.0.8.2 contains an information disclosure vulnerability in the cron controller that can expose the application secret cron key to unauthenticated attackers.
Risk Brief: Vvveb Cron Controller Information Disclosure Exposes Secret Cron Key
Vvveb before 1.0.8.2 contains an information disclosure vulnerability in the cron controller that can expose the application secret cron key to unauthenticated attackers.
Brief: CodeAstro Online Classroom SQL Injection Vulnerability Disclosed With Public Exploit
A SQL injection vulnerability in CodeAstro Online Classroom 1.0 affects the /askquery.php component through the squeryx argument, according to the NVD/VulDB record.
Defender Guidance: CodeAstro Online Classroom SQL Injection Vulnerability Disclosed With Public Exploit
A SQL injection vulnerability in CodeAstro Online Classroom 1.0 affects the /askquery.php component through the squeryx argument, according to the NVD/VulDB record.
Detection Notes: CodeAstro Online Classroom SQL Injection Vulnerability Disclosed With Public Exploit
A SQL injection vulnerability in CodeAstro Online Classroom 1.0 affects the /askquery.php component through the squeryx argument, according to the NVD/VulDB record.
Risk Brief: CodeAstro Online Classroom SQL Injection Vulnerability Disclosed With Public Exploit
A SQL injection vulnerability in CodeAstro Online Classroom 1.0 affects the /askquery.php component through the squeryx argument, according to the NVD/VulDB record.
Brief: code-projects Simple Chat System SQL Injection Disclosed in sendMessage.php
A SQL injection vulnerability was disclosed in code-projects Simple Chat System 1.0 affecting sendMessage.php.
Defender Guidance: code-projects Simple Chat System SQL Injection Disclosed in sendMessage.php
A SQL injection vulnerability was disclosed in code-projects Simple Chat System 1.0 affecting sendMessage.php.
Detection Notes: code-projects Simple Chat System SQL Injection Disclosed in sendMessage.php
A SQL injection vulnerability was disclosed in code-projects Simple Chat System 1.0 affecting sendMessage.php.
Risk Brief: code-projects Simple Chat System SQL Injection Disclosed in sendMessage.php
A SQL injection vulnerability was disclosed in code-projects Simple Chat System 1.0 affecting sendMessage.php.
Brief: SourceCodester SUP Online Shopping Wishlist SQL Injection Disclosed
A SQL injection issue was reported in SourceCodester SUP Online Shopping 1.0 affecting wishlist.php through the delwlistid argument.
Defender Guidance: SourceCodester SUP Online Shopping Wishlist SQL Injection Disclosed
A SQL injection issue was reported in SourceCodester SUP Online Shopping 1.0 affecting wishlist.php through the delwlistid argument.
Detection Notes: SourceCodester SUP Online Shopping Wishlist SQL Injection Disclosed
A SQL injection issue was reported in SourceCodester SUP Online Shopping 1.0 affecting wishlist.php through the delwlistid argument.
Risk Brief: SourceCodester SUP Online Shopping Wishlist SQL Injection Disclosed
A SQL injection issue was reported in SourceCodester SUP Online Shopping 1.0 affecting wishlist.php through the delwlistid argument.
Brief: CodeAstro Leave Management System Login SQL Injection Published
NVD/VulDB reports a SQL injection vulnerability in CodeAstro Leave Management System 1.0 affecting /login.php through the txt_username argument.
Defender Guidance: CodeAstro Leave Management System Login SQL Injection Published
NVD/VulDB reports a SQL injection vulnerability in CodeAstro Leave Management System 1.0 affecting /login.php through the txt_username argument.
Detection Notes: CodeAstro Leave Management System Login SQL Injection Published
NVD/VulDB reports a SQL injection vulnerability in CodeAstro Leave Management System 1.0 affecting /login.php through the txt_username argument.
Risk Brief: CodeAstro Leave Management System Login SQL Injection Published
NVD/VulDB reports a SQL injection vulnerability in CodeAstro Leave Management System 1.0 affecting /login.php through the txt_username argument.
Brief: zyx0814 FilePress Shares Filelist API SQL Injection Disclosed
A SQL injection vulnerability was reported in zyx0814 FilePress up to 2.2.0 affecting dzz/shares/admin.php in the Shares Filelist API.
Defender Guidance: zyx0814 FilePress Shares Filelist API SQL Injection Disclosed
A SQL injection vulnerability was reported in zyx0814 FilePress up to 2.2.0 affecting dzz/shares/admin.php in the Shares Filelist API.
Detection Notes: zyx0814 FilePress Shares Filelist API SQL Injection Disclosed
A SQL injection vulnerability was reported in zyx0814 FilePress up to 2.2.0 affecting dzz/shares/admin.php in the Shares Filelist API.
Risk Brief: zyx0814 FilePress Shares Filelist API SQL Injection Disclosed
A SQL injection vulnerability was reported in zyx0814 FilePress up to 2.2.0 affecting dzz/shares/admin.php in the Shares Filelist API.
Brief: SourceCodester Pharmacy Sales and Inventory System XSS Vulnerability Published
NVD/VulDB reports a cross-site scripting vulnerability in SourceCodester Pharmacy Sales and Inventory System 1.0 affecting /index.php?page=users through the Name argument.
Defender Guidance: SourceCodester Pharmacy Sales and Inventory System XSS Vulnerability Published
NVD/VulDB reports a cross-site scripting vulnerability in SourceCodester Pharmacy Sales and Inventory System 1.0 affecting /index.php?page=users through the Name argument.
Detection Notes: SourceCodester Pharmacy Sales and Inventory System XSS Vulnerability Published
NVD/VulDB reports a cross-site scripting vulnerability in SourceCodester Pharmacy Sales and Inventory System 1.0 affecting /index.php?page=users through the Name argument.
Risk Brief: SourceCodester Pharmacy Sales and Inventory System XSS Vulnerability Published
NVD/VulDB reports a cross-site scripting vulnerability in SourceCodester Pharmacy Sales and Inventory System 1.0 affecting /index.php?page=users through the Name argument.
Brief: Automated credential harvesting campaign exploits React2Shell exposure
Dark Reading reported automated credential harvesting activity tied to React2Shell exploitation. Defenders should review internet-facing React-related assets and credential exposur
Defender Guidance: Automated credential harvesting campaign exploits React2Shell exposure
Dark Reading reported automated credential harvesting activity tied to React2Shell exploitation. Defenders should review internet-facing React-related assets and credential exposur
Detection Notes: Automated credential harvesting campaign exploits React2Shell exposure
Dark Reading reported automated credential harvesting activity tied to React2Shell exploitation. Defenders should review internet-facing React-related assets and credential exposur
Risk Brief: Automated credential harvesting campaign exploits React2Shell exposure
Dark Reading reported automated credential harvesting activity tied to React2Shell exploitation. Defenders should review internet-facing React-related assets and credential exposur
CodeAstro Online Classroom SQL Injection Vulnerability Disclosed With Public Exploit
A SQL injection vulnerability in CodeAstro Online Classroom 1.0 affects the /askquery.php component through the squeryx argument, according to the NVD/VulDB record.