Friday Squid Blogging: Regulating Squid Fishing in the South Pacific
The South Pacific Regional Fisheries Management Organization SPRFMO needs to regulate squid fishing in the South Pacific. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Blog moderation policy...
PT-2026-39197
Name of the Vulnerable Software and Affected Versions: draw.io versions prior to 29.7.9. Description: The application accepts a gitlab URL parameter that overrides the GitLab server URL used during OAuth sign-in. An attacker can use a crafted link to cause the "Authorize in GitLab" dialog to open a...
Friday Squid Blogging: Squid Fishing in Peru
Peru has increased its squid catch limit. The article says "giant squid," but they can't possibly mean that. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
Friday Squid Blogging: Squid Fishing Tips
This is a video of advice for squid fishing in Puget Sound. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
CVE-2020-37081
Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. Attackers can exploit vulnerable parameters like uid, pid, type, m, y, and code to compromise the database manageme...
CVE-2020-37081
CVE-2020-37081 describes multiple remote SQL injection vulnerabilities in Fishing Reservation System 7.5, affecting admin.php, cart.php, and calendar.php. The vulnerabilities allow attackers to inject SQL via parameters such as uid, pid, type, m, y, and code, potentially compromising the database...
CVE-2020-37081 Fishing Reservation System 7.5 - 'uid' SQL Injection
Fishing Reservation System 7.5 contains multiple remote SQL injection vulnerabilities in admin.php, cart.php, and calendar.php that allow attackers to inject malicious SQL commands. Attackers can exploit vulnerable parameters like uid, pid, type, m, y, and code to compromise the database manageme...
Fishing Reservation System SQL Injection Vulnerability
The Fishing Reservation System is a fishing reservation system developed by Fishing Reservation Company. Version 7.5 of the Fishing Reservation System has a SQL injection vulnerability. This vulnerability stems from multiple remote SQL injection vulnerabilities present in the admin.php, cart.php,...
Friday Squid Blogging: The Chinese Squid-Fishing Fleet off the Argentine Coast
The latest article on this topic. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
EUVD-2014-5443
Malware in sbrugna...
Friday Squid Blogging: Catching Humboldt Squid
First-person account of someone accidentally catching several Humboldt squid on a fishing line. No photos, though. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
MAL-2024-9150 Malicious code in get-new-script-roblox-fishing-simulator-script-x5c6h7 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0d3935d85ffff584c274c803e27fe750e88812237d94029109b8e18bab26ab63 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Squid Fishing in Japan
Fishermen are catching more squid as other fish are depleted.
Friday Squid Blogging: Economic Fallout from Falklands Halting Squid Fishing
Details.
fishing-nc.com Cross Site Scripting vulnerability OBB-3922061
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Friday Squid Blogging: The Awfulness of Squid Fishing Boats
It's a pretty awful story. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here...
URL Redirection to Untrusted Site in OAuth2/OpenID in directus
Summary: The authentication API has a redirect parameter that can be exploited as an open redirect vulnerability as the user tries to log in via the API URL https://docs.directus.io/reference/authentication.html#login-using-sso-providers /auth/login/google?redirect for example. Details: There's a...
elf-rss (>=2.5.0 <=2.5.4), gocqapi (>=0.1.3 <=0.1.4) +59 more potentially affected by CVE-2024-21624 via nonebot2 (>=2.0.0a16 <=2.1.3)
nonebot2 PYPI version =2.0.0a16, =2.5.0, =0.1.3, =1.2.0a0, =0.1.0, =0.1.0, =0.1.0, =0.3.4, =0.5.2, =2.0.0, =2.1.0 and more Source cves: CVE-2024-21624 Source advisory: OSV:GHSA-59J8-776V-XXXG...