Multi-Language Hotel Management 2022 1.0 SQL Injection Vulnerability

Title: Multi-Language-Hotel-Management-2022 1.0 SQLi Author: nu11secur1ty Vendor: https://www.nikhilbhalerao.com/ Software: https://github.com/nu11secur1ty/CVE-nu11secur1ty/blob/main/vendors/Nikhil%20Bhalerao/2022/Multi-Language-Hotel-Management-2022/Docs/sparkz.zip Reference:...

Multi-Language Hotel Management 2022 1.0 SQL Injection

Title: Multi-Language-Hotel-Management-2022 1.0 SQLi Author: nu11secur1ty Date: 08.03.2022 Vendor: https://www.nikhilbhalerao.com/ Software: https://github.com/nu11secur1ty/CVE-nu11secur1ty/blob/main/vendors/Nikhil%20Bhalerao/2022/Multi-Language-Hotel-Management-2022/Docs/sparkz.zip Reference:...

[SECURITY] Fedora 35 Update: phpMyAdmin-5.1.3-1.fc35

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields, manage privileges,export data into various formats and i...

CVE-2022-23630

Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This occurs when dependency verification is disabled ...

CVE-2022-23630

Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This occurs when dependency verification is disabled ...

CVE-2022-23630 Dependency verification bypass in Gradle

Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This occurs when dependency verification is disabled ...

CVE-2022-23630

Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, Gradle may skip that verification and accept a dependency that would otherwise fail the build as an untrusted external artifact. This occurs when dependency verification is disabled ...

MetInfo Cross-Site Request Forgery Vulnerability (CNVD-2021-99308)

MetInfo uses PHP Mysql architecture, is a very SEO-friendly, comprehensive, multi-language, responsive display, extremely suitable for enterprise, company website building cms system. metInfo version 7.0.0 cross-site request forgery vulnerability. The attacker can use the admin/?n=admin...

MetInfo SQL Injection Vulnerability (CNVD-2021-74293)

MetInfo using PHP + Mysql architecture, is a very SEO-friendly, full-featured, support for multi-language, responsive display, extremely suitable for business, corporate website construction cms station-building system. MetInfo 7.0.0 version of the existence of SQL injection vulnerability,...

MetInfo Cross-Site Request Forgery Vulnerability (CNVD-2022-05449)

MetInfo using PHP + Mysql architecture, is a very SEO-friendly, full-featured, support for multi-language, responsive display, extremely suitable for business, corporate website construction cms station-building system. Metinfo 6.1.3 version of the existence of cross-site request forgery...

TeaBot Trojan Targets Banks via Hijacked Android Handsets

Researchers have discovered an Android trojan that can steal victims’ SMS messages and credentials and completely take over devices. The trojan, dubbed TeaBot, is aimed at committing fraud against at least 60 banks in Europe. Join Threatpost for “Fortifying Your Business Against Ransomware, DDoS ...

MetInfo suffers from a command execution vulnerability (CNVD-2021-29218)

MetInfo is a multi-language, full-featured, secure and stable, multi-terminal display and support for visual editing, easy to use enterprise station software. MetInfo has a command execution vulnerability that can be exploited by attackers to gain control of the server...

SQL injection vulnerability in SongCMS PHP version (CNVD-2021-28484)

SongCMS is a PHP MySQL, ASP Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users to quickly build and deploy enterprise-level portals. SongCMS PHP version suffers from a SQL injection vulnerability, which can be exploited b...

Arbitrary File Read Vulnerability in SongCMS

SongCMS is a free and open source CMS based on PHP+MySQL, ASP+Access/SQL Server development, enterprise-oriented, multi-language support. SSongCMS arbitrary file reading vulnerability , an attacker can use the vulnerability to read the site source code , any file...

[SECURITY] Fedora 32 Update: phpldapadmin-1.2.6.2-1.fc32

PhpLDAPadmin is a web-based LDAP client. It provides easy, anywhere-accessible, multi-language administration for your LDAP server. Its hierarchical tree-viewer and advanced search functionality make it intuitive to browse and administer your LDAP director y. Since it is a web application, this...

[SECURITY] Fedora 33 Update: phpldapadmin-1.2.6.2-1.fc33

PhpLDAPadmin is a web-based LDAP client. It provides easy, anywhere-accessible, multi-language administration for your LDAP server. Its hierarchical tree-viewer and advanced search functionality make it intuitive to browse and administer your LDAP director y. Since it is a web application, this...

SQL Injection Vulnerability in SongCMS

SongCMS is a PHP+MySQL, ASP+Access/SQL Server based development, enterprise-oriented, multi-language support, free, open source CMS to help business users quickly build and deploy enterprise-level portals. SongCMS suffers from SQL injection vulnerability. An attacker can exploit the vulnerability...

File Inclusion Vulnerability in BEESCMS Enterprise Website Management System

BEESCMS enterprise website management system is a PHP + MYSQL, multi-language system, the content module is easy to expand, the template style. A file inclusion vulnerability exists in BEESCMS enterprise website management system. An attacker can exploit this vulnerability to gain server privileg...

OPENSUSE-SU-2020:1822-1 Security update for claws-mail

This update for claws-mail fixes the following issues: - Additional cleanup of the template handling claws-mail was updated to 3.17.8 boo1177967 Shielded template's |program and |attachprogram so that the command-line that is executed does not allow sequencing such as with && || ;, preventing...

Pwndoc - Pentest Report Generator

PwnDoc is a pentest reporting application making it simple and easy to write your findings and generate a customizable Docx report. The main goal is to have more time to Pwn and less time to Doc by mutualizing data like vulnerabilities between users. Documentation Installation Data Vulnerabilitie...