152 matches found
Campcodes Retro Basketball Shoes Online Store SQL Injection Vulnerability
Campcodes Retro Basketball Shoes Online Store is an online store for retro basketball shoes from Campcodes, Inc. A SQL injection vulnerability exists in Campcodes Retro Basketball Shoes Online Store version 1.0, which stems from a SQL injection vulnerability in the parameter id of the file faqs.p...
PT-2023-18364 · Unknown · Campcodes Retro Basketball Shoes Online Store
Name of the Vulnerable Software and Affected Versions: Campcodes Retro Basketball Shoes Online Store version 1.0 Description: A critical issue has been found in the software, affecting an unknown functionality of the file faqs.php. The manipulation of the id argument leads to SQL injection. This...
[SECURITY] [DLA 3395-2] golang-1.11 regression update
Debian LTS Advisory DLA-3395-2 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler April 20, 2023 https://wiki.debian.org/LTS ...
Business Logic Flaws
phpmyfaq is vulnerable to Business Logic Flaws. The vulnerability exists in record.add.php due to improper user permission checks which allows an authenticated attacker with edit-only permissions to add and delete categories or add FAQs...
GHSA-2WJP-W7G7-H63Q thorsten/phpmyfaq vulnerable to improper access control
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to improper access control when FAQ News is marked as inactive in settings and has comments enabled, allowing comments to be posted on inactive FAQs. This has been fixed in 3.1.12...
CVE-2023-26858
SQL injection vulnerability found in PrestaShop faqs v.3.1.6 allows a remote attacker to escalate privileges via the faqsBudgetModuleFrontController::displayAjaxGenerateBudget component...
SQL injection
SQL injection vulnerability found in PrestaShop faqs v.3.1.6 allows a remote attacker to escalate privileges via the faqsBudgetModuleFrontController::displayAjaxGenerateBudget component...
PT-2023-20828 · Unknown · Prestashop
Name of the Vulnerable Software and Affected Versions: PrestaShop faqs version 3.1.6 Description: A SQL injection issue allows a remote attacker to escalate privileges via the faqsBudgetModuleFrontController::displayAjaxGenerateBudget component. This enables the attacker to potentially gain...
CVE-2023-26858
CVE-2023-26858 describes a SQL injection vulnerability in PrestaShop faqs v.3.1.6 that allows a remote attacker to escalate privileges through the faqsBudgetModuleFrontController::displayAjaxGenerateBudget component. The vulnerability is reflected across multiple sources (NVD, Red Hat, CVE lists, ...
XSS in Comment Faq news username parameter
Description: Stored Cross-Site Scripting (XSS) is a type of security vulnerability that occurs when an attacker injects malicious code into a website that is then stored on the server and served to unsuspecting users. This type of XSS is particularly dangerous because it can persist and continue to...
Nimc2 - A C2 Fully Written In Nim
nimc2 is a very lightweight C2 written fully in Nim (implant & server). If you want to give it a try, check out the wiki to learn how to install and use nimc2. Its features include: Windows & Linux implant generation; TCP socket communication, with HTTP communication coming soon; Ability to create as...
CISA Provides Criteria and Process for Updates to the KEV Catalog
CISA has updated the Known Exploited Vulnerabilities (KEV) catalog webpage as well as the FAQs for Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities, which established the KEV catalog. The updates provide information on the criteria and proces...
CVE-2021-21438
CVE-2021-21438 affects OTRS, specifically the FAQ module. Affected: OTRS 7.0.x up to prior to 7.0.24 and FAQ component up to 6.0.29. Root cause: information disclosure by allowing non-permitted users to view linked FAQ articles. Impact: unauthorized visibility of FAQ content (partial confiden...
PHSA-2020-1.0-0312
An update of 'nodejs', 'nodejs10' packages of Photon OS has been released...
[SECURITY] [DLA 2045-1] tightvnc security update
Package: tightvnc; Version: 1.3.9-6.5+deb8u1; CVE ID: CVE-2014-6053 CVE-2018-7225 CVE-2019-8287 CVE-2018-20021 CVE-2018-20022 CVE-2019-15678 CVE-2019-15679 CVE-2019-15680 CVE-2019-15681; Debian Bug: 945364. Several vulnerabilities have recently been discovered in TightVNC 1.x, an X11 based VNC...
WordPress ultimate-faqs plugin HTML content injection vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. ultimate-faqs is a FAQ plugin used in it. An HTML content injection vulnerability exists in the Functions/EWDUFAQImport.php file in...
CVE-2019-17233
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows HTML content injection...
CVE-2019-17232
Functions/EWDUFAQImport.php in the ultimate-faqs plugin through 1.8.24 for WordPress allows unauthenticated options import...