PT-2025-14116 · Mydumper +2 · Mydumper +2

Name of the Vulnerable Software and Affected Versions: MyDumper versions prior to 0.18.2-8 Description: The MySQL C client library allows authenticated remote actors to read arbitrary files from client systems via a crafted server response to a LOAD LOCAL INFILE query, leading to sensitive...

Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers

Publicly-accessible Docker Engine API instances are being targeted by threat actors as part of a campaign designed to co-opt the machines into a distributed denial-of-service DDoS botnet dubbed OracleIV. "Attackers are exploiting this misconfiguration to deliver a malicious Docker container, buil...

Wordpress Post Grid plugin cross-site scripting vulnerability (CNVD-2022-44253)

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress plugin Post Grid plugin version prior to 2.1....

WordPress Free Testimonials Slider plugin跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress Free Testimonials Slider plugin has a...

WordPress WooCommerce plugin SQL注入漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. SQL injection vulnerability exists in versions of...

WordPress Simple Quotation plugin SQL injection vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. WordPress Simple Quotation plugin is vulnerable to SQL injection, which can be exploited by an authenticated attacker ...

WordPress WP Data Access plugin SQL injection vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.The WordPress WP Data Access plugin has a SQL injection vulnerability in versions prior to 5.0.0, which stems from the...

WordPress YouTube plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress YouTube plugin before version 1.4 has a cross-site scripting vulnerability that stems from a lack of checksum filtering ...

WordPress plugin cross-site scripting vulnerability (CNVD-2021-37474)

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in version 1....

WordPress plugin cross-site request forgery vulnerability (CNVD-2021-37475)

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . 404 SEO Redirection Cross-site request forgery...

WordPress plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in versions o...

PLEASE_READ_ME Ransomware Attacks 85K MySQL Servers

Researchers are warning on an active ransomware campaign that’s targeting MySQL database servers. The ransomware, called PLEASEREADME, has thus far breached at least 85,000 servers worldwide – and has posted at least 250,000 stolen databases on a website for sale. MySQL is an open-source relation...

Heap-Based Buffer Overflow

PHP is vulnerable to heap-based buffer overflow vulnerability. The vulnerability exists in the ext/mysqlnd/mysqlndwireprotocol.c in PHP. Remote MySQL servers could cause a denial of service or possibly have unspecified other impact via crafted field metadata...

Fedora 24 : phpMyAdmin (2017-294c23bb1d)

Welcome to phpMyAdmin 4.6.6, a release containing security and bug fixes. This release includes many security fixes of various levels of severity. We recommend all users upgrade to this release immediately. For full information on the vulnerabilities fixed and mitigation factors for users who are...

Multiple vulnerabilities in setup script

PMASA-2016-44 Announcement-ID: PMASA-2016-44 Date: 2017-01-24 Summary Multiple vulnerabilities in setup script Description A server-side request forgery vulnerability was reported with the setup script. This flaw can allow an unauthenticated attacker to: 1. brute-force passwords of MYSQL servers...

CVE-2016-7412

ext/mysqlnd/mysqlndwireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNEDFLAG flag, which allows remote MySQL servers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted field metadata...

CVE-2016-7412

ext/mysqlnd/mysqlndwireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNEDFLAG flag, which allows remote MySQL servers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted field metadata...

CVE-2016-7412

Removed by vendor...

CVE-2016-7412

ext/mysqlnd/mysqlndwireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNEDFLAG flag, which allows remote MySQL servers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted field metadata...

Oracle MySQL for Microsoft Windows MOF Execution Vulnerability

Exploit for windows platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core'...