864 matches found
PT-2022-19958 · Unknown · Insurance Management System
Name of the Vulnerable Software and Affected Versions: Insurance Management System version 1.0 Description: The issue allows for SQL Injection via the "/insurance/editClient.php" endpoint, specifically through the client id variable. This could potentially lead to unauthorized access or...
Insurance Management System SQL Injection Vulnerability
Insurance Management System is an insurance management system from the personal developer Angel Jude Reyes Suarez. Insurance Management System 1.0 is vulnerable to SQL injection, which could be exploited by attackers to obtain information about data in the target system...
PT-2022-19960 · Unknown · Insurance Management System
Name of the Vulnerable Software and Affected Versions: Insurance Management System version 1.0 Description: The issue concerns SQL Injection via the /insurance/editPayment.php endpoint, specifically through the recipt no parameter. This allows for potential manipulation of database queries...
A week in security (April 25 – May 1)
Last week on Malwarebytes Labs: Why MITRE matters to SMBs; Apple’s child safety features are coming to a Messages app near you; Why software has so many vulnerabilities, with Tanya Janca: Lock and Code S03E09; Watch out for this SMS phish promising a tax refund; Rogue ads phishing for cryptocurrency:...
Everything you need to know to create a Vulnerability Assessment Report
You've been asked for a Vulnerability Assessment Report for your organisation and for some of you reading this article, your first thought is likely to be "What is that?" Worry not. This article will answer that very question as well as why you need a Vulnerability Assessment Report and where you...
What’s happening in the world of personal cyber insurance?
You've likely only seen cybercrime insurance primarily mentioned in relation to attacks on businesses. Most commonly, it’s cited with regard to ransomware attacks in the workplace, or associated data loss. Some folks think the mere presence of insurance simply encourages more attacks, and is hurti...
nextinsurance.com Cross Site Scripting vulnerability OBB-2542526
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2022-27124
Insurance Management System 1.0 was discovered to contain a SQL injection vulnerability via the username parameter...
Sql injection
Insurance Management System 1.0 was discovered to contain a SQL injection vulnerability via the username parameter...
CVE-2022-27124
CVE-2022-27124 affects Insurance Management System 1.0, with a SQL injection vulnerability exposed via the username parameter. The root cause is a flaw in input handling that allows a crafted username to manipulate SQL queries. Public documentation lists this vulnerability across multiple feeds (...
Insurance Management System SQL Injection Vulnerability
Insurance Management System is an insurance management system by Angel Jude Reyes Suarez, an individual developer. A security vulnerability exists in Insurance Management System 1.0, which allows an attacker to perform SQL injection via the username parameter...
PT-2022-18233 · Unknown · Insurance Management System
Name of the Vulnerable Software and Affected Versions: Insurance Management System version 1.0 Description: The issue is related to a SQL injection vulnerability. This vulnerability can be exploited via the username parameter. Recommendations: For Insurance Management System version 1.0, consider...
versicherungen-fulda.de Improper Access Control vulnerability OBB-2402549
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Insurance Coverage for NotPetya Losses
Tarah Wheeler and Josephine Wolff analyze a recent court decision that the NotPetya attacks are not considered an act of war under the wording of Merck's insurance policy, and that the insurers must pay the $1B+ claim. Wheeler and Wolff argue that the judge "did the right thing for the wrong...
For Health Insurance Companies, Web Apps Can Be an Open Wound
At IntSights, a Rapid7 company, our goal is to ensure organizations everywhere understand the threats facing them in today's cyber landscape. With this in mind, we took a focused look at the insurance industry — a highly targeted vertical due to the amount of valuable data these organizations hol...
After debt seizure from InsuranceFund, user can dilute all past participants.
Lines of code. Vulnerability details. Impact: A user can get a much larger portion of the pool as it recovers from a debt seizure. The intent of the insurance pool seems to be that it could recover from a bad debt event. Proof of Concept: 1. Alice is the first LP to the insurance pool, and deposits...