[M-01] Denial of Service with failed call Dos

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. External calls can fail accidentally or deliberately, which can cause a DoS condition in the contract. To minimize the damage caused by such failures, it is better to isolate each external call into its...

Sql injection

The User Activity Log WordPress plugin before 1.6.3 does not properly sanitise and escape the txtsearch parameter before using it in a SQL statement in some admin pages, leading to a SQL injection exploitable by high privilege users such as admin...

vm2 End of Life (EOL) Detection

The vm2 version on the remote host has reached the end of life EOL and should not be used anymore. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Sql injection

The ANGradeBook WordPress plugin through 5.0.1 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber...

Attacker can steal vault funds through the deposit function.

Lines of code Vulnerability details Impact In the deposit function, a check is made to see if the amount of assets being deposited by the user is greater than the amount of assets the vault currently holds. The vault then transfers the difference between the assets being deposited and the vault’s...

quickform, , Other

Developer states exploit is "hack yourself" scenario...

Hackers Exploit Flaws in Revolut’s Payment System, Stealing $20 Million

By Waqas Revolut has not yet issued an official statement regarding the cyber attack. This is a post from HackRead.com Read the original post: Hackers Exploit Flaws in Revoluts Payment System, Stealing $20 Million...

SQL Injection

Description GLPI 10.0.8 and are affected by an SQL injection on the page ajax/dashboard.php Proof of Concept I can provide you the POC written in python3.5 or higher. Just provide me a way to send it to you. Tested under the following environment: - Ubuntu 20.04 - GLPI 10.0.8 and 10.0.7 - Mysql...

postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions

A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setTextint, InputStream and PreparedStatemet.setByteaint, InputStream. This could allow a user to create an unexpected file available to all users, which could end in unexpected...

postgresql-jdbc: Information leak of prepared statement data due to insecure temporary file permissions

A flaw was found in org.postgresql. This issue allows the creation of a temporary file when using PreparedStatement.setTextint, InputStream and PreparedStatemet.setByteaint, InputStream. This could allow a user to create an unexpected file available to all users, which could end in unexpected...

Sql injection

The FormCraft WordPress plugin before 3.9.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

CVE-2023-2744 WP ERP < 1.12.4 - Admin+ SQL Injection

The ERP WordPress plugin before 1.12.4 does not properly sanitise and escape the type parameter in the erp/v1/accounting/v1/people REST API endpoint before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

CVE-2023-34868

Jerryscript 3.0 commit 05dbbd1 was discovered to contain an Assertion Failure via the parserparseforstatementstart at jerry-core/parser/js/js-parser-statm.c...

UBUNTU-CVE-2023-34868

Jerryscript 3.0 commit 05dbbd1 was discovered to contain an Assertion Failure via the parserparseforstatementstart at jerry-core/parser/js/js-parser-statm.c...

Upgraded Q -> 2 from #130 [1686726021314]

Judge has assessed an item in Issue 130 as 2 risk. The relevant finding follows: Possible Infinite Loops If the condition triggers the continue, then the loop variable does not get incremented. The condition never changes, as the same condition is checked over and over again, resulting in an...

PT-2023-25040 · Unknown · Jerryscript

Name of the Vulnerable Software and Affected Versions: Jerryscript version 3.0 commit 05dbbd1 Description: The issue is related to an Assertion Failure in the parser parse for statement start function at jerry-core/parser/js/js-parser-statm.c. This failure can occur due to a problem in the parsin...

QueryWall: Plug'n Play Firewall <= 1.1.1 - Admin+ SQLi

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin. PoC 1. Send GET /wp-admin/admin.php?page=querywall=datetimegmt=desc%2cselectfromselectsleep20a 2. See SQL execution...

CVE-2023-31614

An issue in the mpboxdeserializestring function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS after running a SELECT statement...

RHEL 8 : postgresql-jdbc (RHSA-2023:2867)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:2867 advisory. PostgreSQL is an advanced object-relational database management system. The postgresql-jdbc package includes the .jar files needed for Java programs ...

DEBIAN-CVE-2023-31614

An issue in the mpboxdeserializestring function in openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service DoS after running a SELECT statement...