CVE-2023-35089 WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Really Simple Plugins Recipe Maker For Your Food Blog from Zip Recipes plugin = 8.0.7 versions...

From Bounty Leaderboards to Microsoft Security Researcher, Meet Cameron Vincent!

Fun Facts: Game you binged: Guitar Hero and Rock Band fanatic. Go to snack: Nutri-Grain Bars. Favorite Drink: Soda – Coca Cola specifically. Favorite Place: Singapore – stayed an extra week after a hacking collaboration and truly fell in love and hopes to get back as soon as possible. Favorite...

CVE-2023-3690

A vulnerability, which was classified as critical, has been found in Bylancer QuickOrder 6.3.7. Affected by this issue is some unknown functionality of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack may be launched...

CVE-2023-3689

A vulnerability classified as critical was found in Bylancer QuickQR 6.3.7. Affected by this vulnerability is an unknown functionality of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack can be launched remotely. The...

CVE-2023-3690 Bylancer QuickOrder GET Parameter blog sql injection

A vulnerability, which was classified as critical, has been found in Bylancer QuickOrder 6.3.7. Affected by this issue is some unknown functionality of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack may be launched...

CVE-2023-3690

CVE-2023-3690 concerns Bylancer QuickOrder 6.3.7. The issue is described as a SQL injection in the blog path, triggered by manipulating the GET Parameter Handler argument s. This affects the /blog functionality within the component described as GET Parameter Handler and is reported to be exploita...

CVE-2023-3689 Bylancer QuickQR GET Parameter blog sql injection

A vulnerability classified as critical was found in Bylancer QuickQR 6.3.7. Affected by this vulnerability is an unknown functionality of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack can be launched remotely. The...

CVE-2023-3687

A vulnerability was found in Bylancer QuickVCard 2.1. It has been rated as critical. This issue affects some unknown processing of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack may be initiated remotely. The identifier...

CVE-2023-3686

A vulnerability was found in Bylancer QuickAI OpenAI 3.8.1. It has been declared as critical. This vulnerability affects unknown code of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack can be initiated remotely. The...

Sql injection

A vulnerability was found in Bylancer QuickAI OpenAI 3.8.1. It has been declared as critical. This vulnerability affects unknown code of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack can be initiated remotely. The...

Bylancer QuickQR SQL注入漏洞

Bylancer QuickQR is a QR code restaurant menu maker from Bylancer. A SQL injection vulnerability exists in Bylancer QuickQR version 6.3.7, which stems from the presence of an unknown function in the blog in the component GET Parameter Handler, which leads to sql injection via parameter s. The...

Bylancer QuickOrder SQL注入漏洞

Bylancer QuickOrder is a WhatsApp food ordering plugin from Bylancer. A SQL injection vulnerability exists in Bylancer QuickOrder version 6.3.7, which stems from the presence of an unknown function in the blog in the component GET Parameter Handler, which leads to sql injection via parameter s. T...

Bylancer QuickVCard SQL注入漏洞

Bylancer QuickVCard is a Digital Business Card SaaS PHP script from Bylancer. A SQL injection vulnerability exists in Bylancer QuickVCard version 2.1, which stems from some unknown handling of the file /blog in the component GET Parameter Handler, which leads to an sql injection via the parameter...

Bylancer QuickAI OpenAI SQL注入漏洞

Bylancer QuickAI OpenAI is an artificial intelligence writing assistant and content creator from Bylancer. Bylancer QuickAI OpenAI version 3.8.1 suffers from a SQL injection vulnerability that stems from the presence of unknown code in the file/blog in the component GET Parameter Handler, which...

PT-2023-25728 · Unknown · Bylancer Quickai Openai

Name of the Vulnerable Software and Affected Versions: Bylancer QuickAI OpenAI version 3.8.1 Description: A critical issue affects the GET Parameter Handler component, specifically the file /blog, where manipulation of the s argument leads to sql injection. This issue can be initiated remotely. T...

PT-2023-25736 · Bylancer · Bylancer Quickqr

Name of the Vulnerable Software and Affected Versions: Bylancer QuickQR version 6.3.7 Description: A critical issue was found in the GET Parameter Handler component of the /blog file, where the manipulation of the s argument leads to sql injection. This issue can be exploited remotely. The vendor...

PT-2023-25731 · Bylancer · Bylancer Quickvcard

Name of the Vulnerable Software and Affected Versions: Bylancer QuickVCard version 2.1 Description: A critical issue affects the processing of the file /blog of the component GET Parameter Handler. The manipulation of the argument s leads to sql injection. The attack may be initiated remotely. Th...

PT-2023-25737 · Unknown · Bylancer Quickorder

Name of the Vulnerable Software and Affected Versions: Bylancer QuickOrder version 6.3.7 Description: A critical issue has been found in the GET Parameter Handler component of the /blog file, where the manipulation of the s argument leads to sql injection. This issue can be exploited remotely. Th...

Friday Squid Blogging: Balloon Squid

Masayoshi Matsumoto is a "master balloon artist," and he made a squid and other animals. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...

Akamai’s Perspective on July’s Patch Tuesday 2023

...