85 matches found
CVE-2021-46309
An SQL Injection vulnerability exists in Sourcecodester Employee and Visitor Gate Pass Logging System 1.0 via the username parameter...
CVE-2021-46309
CVE-2021-46309 is a SQL Injection in Sourcecodester Employee and Visitor Gate Pass Logging System 1.0, caused by improper handling of the username parameter. The PT-2022-12632 entry confirms the vulnerability exists in version 1.0 and notes an exploitation path via the username field. The CNVD/CN...
Microsoft Sees Rampant Log4j Exploit Attempts, Testing
No surprise here: The holidays brought no Log4Shell relief. Threat actors vigorously launched exploit attempts and testing during the last weeks of December, Microsoft said on Monday, in the latest update to its landing page and guidance around the flaws in Apache’s Log4j logging library. “We have...
Employee And Visitor Gate Pass Logging System 1.0 Cross Site Scripting
Exploit Title: Employee and Visitor Gate Pass Logging System 1.0 - 'name' Stored Cross-Site Scripting (XSS) Date: 10.11.2021 Exploit Author: İlhami Selamet Vendor Homepage: https://www.sourcecodester.com/php/15026/employee-and-visitor-gate-pass-logging-system-php-source-code.html Software Link:...
Logging: A Deep Dive
Our RASP product. At Imperva, our team builds a product called RASP, which stands for Runtime Application Self Protection. As indicated by the name, it is a security product which plugs directly into the runtime of an application in order to provide a similar and complementary set of capabilities as...
Vulnerability of the MySQL Server component: The logging system of the MySQL Database Management System Server allows a hacker to cause a service failure.
Vulnerability of the MySQL Server component: The logging system of the MySQL Server database management system is vulnerable due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...
Vulnerability of the MySQL Server component: The logging system of the MySQL Database Management System Server allows a hacker to cause a service failure.
Vulnerability of the MySQL Server component: The logging system of the MySQL Server database management system is vulnerable to resource release errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
CVE-2018-20714
The logging system of the Automattic WooCommerce plugin before 3.4.6 for WordPress is vulnerable to a File Deletion vulnerability. This allows deletion of woocommerce.php, which leads to certain privilege checks not being in place, and therefore a shop manager can escalate privileges to admin...
Arbitrary file deletion
The logging system of the Automattic WooCommerce plugin before 3.4.6 for WordPress is vulnerable to a File Deletion vulnerability. This allows deletion of woocommerce.php, which leads to certain privilege checks not being in place, and therefore a shop manager can escalate privileges to admin...
Google Android Out-of-Bounds Access Vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance (OHA), of which the DIAG driver is a logging system driver. An out-of-bounds access vulnerability exists in the DIAG driver in Android. An attacker can exploit this vulnerability to allow...
[SECURITY] [DLA 1526-1] 389-ds-base security update
Package: 389-ds-base Version: 1.3.3.5-4+deb8u3 CVE ID: CVE-2018-14624 It was discovered that the emergency logging system in 389-ds-base (the 389 Directory Server) is affected by a race condition caused by the invalidation of the concurrently used log file file descriptor without proper locking...
Quora: Possibility of DOS Through logging System
Quora is using the HTTP POST method to send logs to the Quora server and save the logs on the server, which is not validating the size of the log data and is directly storing a large amount of data on the server. I mean, when the logs are sent to the server, a bad guy can use the same HTTP POST metho...
Ubuntu 15.10 : linux vulnerabilities (USN-2851-1)
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. CVE-2015-8550...
Ubuntu 14.04 LTS : Linux kernel (Vivid HWE) vulnerabilities (USN-2854-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2854-1 advisory. Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the...
Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2849-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2849-1 advisory. Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the...
Ubuntu 12.04 LTS : linux vulnerabilities (USN-2846-1)
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. CVE-2015-8550...
Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2847-1)
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. CVE-2015-8550...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-2848-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2848-1 advisory. Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the...
Ubuntu: Security Advisory (USN-2847-1)
The remote host is missing an update for the...
USN-2846-1: Linux kernel vulnerabilities
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. CVE-2015-8550...