Oracle Linux 10 : xorg-x11-server-Xwayland (ELSA-2025-19435)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-19435 advisory. 24.1.5-5 - CVE fix for: CVE-2025-62229 RHEL-119964, CVE-2025-62230 RHEL-120013, CVE-2025-62231 RHEL-125006 Tenable has extracted the preceding...

Metasploit Weekly Wrap-Up 09/06/2024

Honey, I shrunk the PHP payloads This release contains more PHP payload improvements from Julien Voisin. Last week we landed a PR from Julien that added a datastore option to the php/base64 encoder that when enabled, will use zlib to compress the payload which significantly reduced the size,...

CVE-2018-19435

An issue was discovered in the Sales component in webERP 4.15. SalesInquiry.php has SQL Injection via the SortBy parameter...

CVE-2018-19435

CVE-2018-19435 describes a SQL injection in webERP 4.15, specifically in the Sales component's file SalesInquiry.php, exploitable through the SortBy parameter. Root cause per the description is unsanitized user input allowing injection into SQL queries, leading to potential disclosure/modificatio...