History Log by click5 < 1.0.13 - Admin+ Time-Based Blind SQL Injection
Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when using the Smash Balloon Social Photo Feed plugin alongside it. PoC 1 Navigate to Instagram Feed Settings Manage Sources, then cli...
History Log by click5 < 1.0.13 - Admin+ Time-Based Blind SQL Injection
Description The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by admin users when using the Smash Balloon Social Photo Feed plugin alongside it. 1 Navigate to Instagram Feed Settings Manage Sources, then click o...
require statement commented poses attack by malicious contract
Lines of code Vulnerability details Impact The 'require' statement commented poses attack by malicious contract. The LiquidityMiningPath.sol contract has the Governance requirement of the ‘require’ statement commented. If the intention was to make use of the ‘require’ statement, uncomment it so ...
GHSA-XM7X-F3W2-4HJM Presto JDBC Server-Side Request Forgery by redirect
Summary Presto JDBC is vulnerable to Server-Side Request Forgery SSRF when connecting a remote Presto server. An attacker can construct a redirect response that Presto JDBC client will follow and view sensitive information from highly sensitive internal servers or perform a local port scan. Detai...
CVE-2023-4732
A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x...
CVE-2023-4732 Kernel: race between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode bug in include/linux/swapops.h
A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x...
Malicious code in @zettle-bo/account-statement (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9e421dbf9f81cc4fbfbcfb01be2a65fa8509eb33a2be27ee6aab920ca00359f3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-41374
Double free issue exists in Kostac PLC Programming Software Version 1.6.11.0 and earlier. Arbitrary code may be executed by having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier because the issue exists in parsing of...
ROS-20230918-04
A vulnerability in the Poppler PDF rendering library is related to the lack of thread checking before saving the embedded main function file in pdfunite.cc. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. A vulnerability in the Poppler PDF...
Zero Amount Check Missing in reLP function
Lines of code Vulnerability details Impact If amount is 0, the reLP function will still execute all its operations, including external contract calls, which consume gas. This could lead to unnecessary gas costs for the caller. In a worst-case scenario, if this function is called repeatedly with...
CVE-2023-39359
Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the graphs.php file. When dealing wit...
CVE-2023-2453
There is insufficient sanitization of tainted file names that are directly concatenated with a path that is subsequently passed to a ‘require_once’ statement. This allows arbitrary files with the ‘.php’ extension for which the absolute path is known to be included and executed. There are no known...
Design/Logic Flaw
There is insufficient sanitization of tainted file names that are directly concatenated with a path that is subsequently passed to a ‘require_once’ statement. This allows arbitrary files with the ‘.php’ extension for which the absolute path is known to be included and executed. There are no known...
Credit Lite 1.5.4 - SQL Injection
Exploit Title: Credit Lite 1.5.4 - SQL Injection Exploit Author: CraCkEr Date: 31/07/2023 Vendor: Hobby-Tech Vendor Homepage: https://codecanyon.net/item/credit-lite-micro-credit-solutions/39554392 Software Link: https://credit-lite.appshat.xyz/ Version: 1.5.4 Tested on: Windows 10 Pro Impact:...
CVE-2023-4732
A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG statement referencing pmd_t x. Mitigation A possible workaround is disabling Transparent Hugepage...
UNSAFE CASTING CAN LEAD TO ERRONEOUS utility VALUE CALCULATION
Lines of code Vulnerability details Impact The EvolvingProteus.getUtility function is used to calculate the utility value of the pool at the time of the function call. The utility is calculated using a quadratic formula which is shown below: kab - 1u2 + ay + bxu + xy/k = 0 Above quadratic equati...
CVE-2023-4407
A vulnerability classified as critical was found in Codecanyon Credit Lite 1.5.4. Affected by this vulnerability is an unknown functionality of the file /portal/reports/accountstatement of the component POST Request Handler. The manipulation of the argument date1/date2 leads to sql injection. The...
Sql injection
A vulnerability classified as critical was found in Codecanyon Credit Lite 1.5.4. Affected by this vulnerability is an unknown functionality of the file /portal/reports/accountstatement of the component POST Request Handler. The manipulation of the argument date1/date2 leads to sql injection. The...
Codecanyon Credit Lite SQL Injection Vulnerability
Codecanyon Credit Lite is a multi-branch loan and savings management system from Codecanyon Corporation. A SQL injection vulnerability exists in Codecanyon Credit Lite version 1.5.4, which stems from the parameter date1/date2 of /portal/reports/accountstatement that could lead to SQL injection...