CVE-2024-33965

SQL injection vulnerability in PayPal, Credit Card and Debit Card Payment affecting version 1.0. An attacker could exploit this vulnerability by sending a specially crafted query to the server and retrieve all the information stored in it through the following 'view' in...

CVE-2024-33965

CVE-2024-33965 is a SQL injection in the PayPal, Credit Card and Debit Card Payment system (version 1.0) by janobe, exposed via the /tubigangarden/admin/mod_accomodation/index.php?view parameter. Multiple connected sources corroborate that a specially crafted query can exfiltrate stored data. Pub...

CVE-2023-6416 SQL injection in Voovi Social Networking Script

A vulnerability has been reported in Voovi Social Networking Script that affects version 1.0 and consists of a SQL injection via signup2.php in the emailadd parameter. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve...

Cross site scripting

An issue was discovered in UiPath App Studio 21.4.4. There is a persistent XSS vulnerability in the file-upload functionality for uploading icons when attempting to create new Apps. An attacker with minimal privileges in the application can build their own App and upload a malicious file containi...

Additional Analysis into the SUNBURST Backdoor | McAfee Blogs

ARCHIVED STORY Additional Analysis into the SUNBURST Backdoor Christiaan Beek · DEC 17, 2020 Executive Summary There has been considerable focus on the recent disclosures associated with SolarWinds, and while existing analysis on the broader campaign has resulted in detection against specific IoC...