EUVD-2018-0929
Malware in sbrugna...
EUVD-2019-13964
Malware in sbrugna...
PT-2025-20116 · Unknown · Rustaurius Ultimate Wp Mail
Name of the Vulnerable Software and Affected Versions: Rustaurius Ultimate WP Mail versions 1.3.4 and below Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows unauthorized access and enables...
PT-2025-19870 · WordPress · Pgs Core
Name of the Vulnerable Software and Affected Versions: PGS Core plugin for WordPress versions up to, and including, 5.8.0 Description: The issue is related to SQL Injection via the event parameter in the save header builder function due to insufficient escaping on the user-supplied parameter and...
PT-2025-17350 · WordPress · Jobwp
Name of the Vulnerable Software and Affected Versions: The JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin plugin for WordPress versions up to, and including, 2.3.9 Description: The issue is related to SQL Injection via the jobwp upload resume parameter due to insufficient...
PT-2025-17164 · Unknown · Webbytemplate Office Locator
Name of the Vulnerable Software and Affected Versions: WebbyTemplate Office Locator versions 1.3.0 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
PT-2025-14274 · Unknown · Bookingpress
Name of the Vulnerable Software and Affected Versions: BookingPress versions 1.1.28 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: Fo...
Weak Password Hashing
Manifest is vulnerable to Weak Password Hashing. The vulnerability stems from improper password hashing, namely the use of SHA3 without a salt, making user passwords more susceptible to cracking if an attacker gains access to the database...
CLSA-2025-1739820848 mysql: Fix of 129 CVEs
Update to MySQL 8.0.40 - CVEs fixed: CVE-2024-21201 CVE-2024-21236 CVE-2024-21230 CVE-2024-21160 CVE-2024-21196 CVE-2024-21239 CVE-2024-21173 CVE-2024-21193 CVE-2024-21159 CVE-2024-21135 CVE-2024-20996 CVE-2024-21166 CVE-2024-21157 CVE-2024-21231 CVE-2024-21199 CVE-2024-21207 CVE-2024-21194...
PT-2024-9323 · Drupal +1 · Drupal Core +1
Name of the Vulnerable Software and Affected Versions: Drupal Core versions 7.0 through 7.101 Drupal Core versions 8.0.0 through 10.2.10 Drupal Core versions 10.3.0 through 10.3.8 Description: The issue is related to the deserialization of untrusted data, which allows object injection. This can...
How to Backup the XenMobile Database
This article describes how to back up the XenMobile database...
Dell PowerProtect Data Manager Operating System Command Injection Vulnerability
Dell PowerProtect Data Manager (PPDM) is a set of data protection solutions from Dell USA. The product supports features such as data backup, virtual machine backup and database protection. An operating system command injection vulnerability exists in Dell PowerProtect Data Manager version 19.15 an...
CVE-2023-32308 SQL Injection Vulnerability in anuko timetracker
anuko timetracker is an open source time tracking system. Boolean-based blind SQL injection vulnerability existed in Time Tracker invoices.php in versions prior to 1.22.11.5781. This was happening because of a coding error after validating parameters in POST requests. There was no check for error...
PT-2023-1012 · Sap · Sap Bpc Ms
Name of the Vulnerable Software and Affected Versions: SAP BPC MS 10.0 version 810 Description: The issue allows an unauthorized attacker to execute crafted database queries, potentially leading to SQL injection. This could enable an attacker to access, modify, and/or delete data from the backend...
Fortinet FortiWeb Cross-Site Scripting Vulnerability (CNVD-2021-99662)
Fortinet FortiWeb is a Web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures Web applications and protects sensitive database content. A cross-site scripting vulnerability exists,...
Fortinet FortiWeb Buffer Overflow Vulnerability (CNVD-2021-101138)
Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures web applications and protects sensitive database content. A buffer overflow vulnerability exists that...
CVE-2018-0266
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables over the web interface. An attacker could exploit this vulnerability by browsin...
Improve the ROI of Your Database Protection Investment
When an organization considers switching a mission-critical compliance or security system from one vendor’s solution to another, it’s a very big decision. There is expense involved in acquiring the new solution, it will take time and money to deploy and retrain staff, and it will take careful...
CVE-2018-0105
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. The vulnerability is due to insufficient protection of database tables. An attacker could exploit this vulnerability by browsing to a specific URL. ...
Encryption: Pros and Cons
The expression “when you are a hammer, everything is a nail” has a curious background. The concept belongs to a generalized law of the instrument, which is a cognitive bias that occurs by being overly familiar with certain tools, and the likelihood of force-fitting problems to the tools at hand. A...