GHSA-P32Q-V29X-WQ9R Focalboard doesn't sanitize category IDs before incorporating them into dynamic SQL statements

UNSUPPORTED WHEN ASSIGNED Focalboard version 8.0 fails to sanitize category IDs before incorporating them into dynamic SQL statements when reordering categories. An attacker can inject a malicious SQL payload into the category id field, which is stored in the database and later executed unsanitiz...

Security Bulletin: Due to the use of hibernate-core. IBM webMethods BPM is vulnerable to a second-order SQL injection

Summary IBM webMethods BPM tool is dependant on hibernate-core which is affected by known vulnerability - CVE-2026-0603. Vulnerability Details CVEID:CVE-2026-0603 DESCRIPTION: A flaw was found in Hibernate. A remote attacker with low privileges could exploit a second-order SQL injection...

CVE-2024-0685

The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Second Order SQL Injection via the email address value submitted through forms in all versions up to, and including, 3.7.1 due to insufficient escaping on the user supplied parameter...

CVE-2024-0685 Ninja Forms Contact Form <= 3.7.1 - Unauthenticated Second Order SQL Injection

The Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to Second Order SQL Injection via the email address value submitted through forms in all versions up to, and including, 3.7.1 due to insufficient escaping on the user supplied parameter...

h1-ctf: Stopping Grinch to ruin XMas!

Hello, Gonna just submit flags first then will send my write up later tomorrow. flag1: flag48104912-28b0-494a-9995-a203d1e261e7 https://hackyholidays.h1ctf.com/robots.txt recon revealing hidden endpoint flag2: flagb7ebcb75-9100-4f91-8454-cfb9574459f7 https://hackyholidays.h1ctf.com/s3cr3t-ar3a...

ManagEnegine ADManager Plus 6.5.40 - Multiple Vulnerabilities

Exploit for java platform in category web applications 1. ADVISORY INFORMATION ======================================== Title: ManagEnegine ADManager Plus = 6.5.40 Multiple Vulnerabilities Application: ManagEnegine Admanager Remotely Exploitable: Yes Authentication Required: Yes Versions Affected...

ManagEnegine ADManager Plus 6.5.40 - Multiple Vulnerabilities

ManagEnegine ADManager Plus 6.5.40 - Multiple Vulnerabilities 1. ADVISORY INFORMATION ======================================== Title: ManagEnegine ADManager Plus = 6.5.40 Multiple Vulnerabilities Application: ManagEnegine Admanager Remotely Exploitable: Yes Authentication Required: Yes Versions...

TinyShop二次注入一枚。

简要描述： rt TinyShop v1.0.2 详细说明： 还是 protected\controllers\simple.php文件 public function orderact ................. $address = $model-table"address"-where"id=$addressid"-find; //if!$address$this-redirect"order",false,Req::args; //if!$paymentid$this-redirect"order",false,Req::args; $data'orderno' =...