764 matches found
Vulnerability in the InnoDB component of the MySQL database management system that allows an attacker to cause a service failure
The vulnerability of the InnoDB component in the MySQL database management system is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service failures...
Improper access control
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...
CVE-2021-43008
The CVE-2021-43008 vulnerability affects Adminer ≤ 4.6.2, where improper access control allows an attacker-controlled remote MySQL server to trigger Adminer to read a local file via LOAD DATA LOCAL INFILE, exposing sensitive files (e.g., /etc/passwd). The issue can enable Arbitrary File Read on t...
CVE-2021-43008
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 fixed in version 4.6.3 allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database...
Fingerprint Attendance 1.0 SQL Injection Vulnerability
Title: Fingerprint Attendance 1.0 Blind boolean SQLi To Rce Author: Hejap Zairy Vendor: https://www.vetbossel.in/fingerprint-attendance-project-php/ Software: https://app.box.com/s/xlyqalhvayq8oi25tqykcbouzrrjytqy Reference: https://github.com/Matrix07ksa Tested on: Windows, MySQL, Apache Steps 1...
Vulnerability in the Server: Security: Privileges component of the MySQL Server database management system that allows an attacker to access, modify, add, or delete data
The vulnerability in the Server: Security: Privileges component of MySQL Server relates to insufficient validation of input data. Exploiting this vulnerability may allow an attacker to gain access to modify, add, or delete data using the MySQL network protocol...
Vulnerability in the Server: Optimizer component of the MySQL Server database management system that allows an attacker to cause a service failure or to access, modify, add, or delete data
The vulnerability of the MySQL Server component involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures or gain access to modify, add, or delete data using the MySQL network protocol...
Vulnerability in the Server: Optimizer component of the MySQL Server database management system that allows an attacker to cause a service failure or to access, modify, add, or delete data
The vulnerability of the MySQL Server component of the database management system involves insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the MySQL network protocol...
USN-5270-2: MySQL vulnerabilities
USN-5270-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to...
Sql injection
Online Motorcycle Bike Rental System 1.0 is vulnerable to a Blind Time-Based SQL Injection attack within the login portal. This can lead attackers to remotely dump MySQL database credentials...
CVE-2021-44249
Online Motorcycle Bike Rental System 1.0 is vulnerable to a Blind Time-Based SQL Injection attack within the login portal. This can lead attackers to remotely dump MySQL database credentials...
CosaNostra Builder WebPanel Cross Site Request Forgery
Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/61285c988de52b7c067fb2e703f2ab83C.txt Contact: [email protected] Media: twitter.com/malvuln Threat: CosaNostra Builder WebPanel Vulnerability: Cross Site Request Forgery (CSRF) Description: The Panel...
CollectorStealerBuilder Panel 2.0.0 Insecure Credential Storage Vulnerability
The panel for Collector Stealer malware version 2.0.0 stores the login credentials in plaintext in its MySQL database. Third-party attackers who gain access to the system can read the database username passwords without having to crack them offline. Discovery / credits: Malvuln - malvuln.com c 20...
CollectorStealerBuilder Panel 2.0.0 Insecure Credential Storage
Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/54530f88c8e4f4371c9418f00c256b1d.txt Contact: [email protected] Media: twitter.com/malvuln Threat: CollectorStealerBuilder v2.0.0 Panel Vulnerability: Insecure Credential Storage Description: The pan...
Oracle MySQL Input Validation Error Vulnerability
Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Cluster is a high-availability, high-redundancy version of MySQL for distributed computing environments. Oracle MySQL Cluster is vulnerable to an input validation error, which can be exploited to execute arbitrary...
Win32.MarsStealer Web Panel Cross Site Scripting
Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/8abb41f6e7010d70c90f65fd9a740faaB.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Win32.MarsStealer Web Panel Vulnerability: Unauthenticated Remote Persistent XSS Description: The...
AgentTesla Builder Web Panel SQL Injection Vulnerability
Discovery / credits: Malvuln - malvuln.com (c) 2022 Original source: https://malvuln.com/advisory/db9629508fda139f71f625d764c7eff7B.txt Contact: email protected Media: twitter.com/malvuln Threat: AgentTesla Builder Web Panel Vulnerability: SQL Injection Description: The AgentTeslaBuilder WebUI uses...
PuneethReddyHC Online Shopping System Advanced 1.0 SQL Injection Vulnerability
PuneethReddyHC Online Shopping System Advanced version 1.0 suffers from a remote SQL injection vulnerability. CVE-2021-41648 CVE-2021-41648 SQL Injection in online-shopping-system The online-shopping-system is vulnerable to un-authenticated error/boolean-based blind & error based SQL Injection...
PuneethReddyHC Online Shopping System Advanced 1.0 SQL Injection
CVE-2021-41648 CVE-2021-41648 SQL Injection in online-shopping-system The online-shopping-system is vulnerable to un-authenticated error/boolean-based blind & error based SQL Injection attacks. The proId parameter on the /action.php page does not sanitize the user input, an attacker can extract...
Fedora: Security Advisory for cacti (FEDORA-2021-0b8814db99)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...