Prion
added 2021/06/14 2:15 p.m., 12 views

SQL injection

When deleting a date in the Xllentech English Islamic Calendar WordPress plugin before 2.6.8, the yearnumber and monthnumber POST parameters are not sanitised, escaped or validated before being used in a SQL statement, leading to SQL injection...

CVSS 6.5, AI score 8.9, EPSS 0.01586
Exploits 2, References 2, Affected Software 1

OSV
added 2021/06/10 11:15 p.m., 20 views

CVE-2020-23310

There is an Assertion 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at js-parser-statm.c:733 in parser_parse_function_statement in JerryScript 2.2.0...

CVSS 7.5, AI score 6.9
Exploits 0, References 1

OSV
added 2021/06/10 11:15 p.m., 2 views

UBUNTU-CVE-2020-23310

There is an Assertion 'context_p->next_scanner_info_p->type == SCANNER_TYPE_FUNCTION' failed at js-parser-statm.c:733 in parser_parse_function_statement in JerryScript 2.2.0...

CVSS 7.5, AI score 7.1, EPSS 0.01149
Exploits 1, References 4

OSV
added 2021/06/10 11:15 p.m., 1 view

UBUNTU-CVE-2020-23314

There is an Assertion 'block_found' failed at js-parser-statm.c:2003 in parser_parse_try_statement_end in JerryScript 2.2.0...

CVSS 7.5, AI score 5.8, EPSS 0.01149
Exploits 1, References 3

Prion
added 2021/06/09 12:15 p.m., 17 views

Information disclosure

DISPUTED Accela Civic Platform through 20.1 allows ssoAdapter/logoutAction.do successURL XSS. NOTE: the vendor states "there are configurable security flags and we are unable to reproduce them with the available information."...

CVSS 4.3, AI score 6.2, EPSS 0.09996
Exploits 4, References 2, Affected Software 1

Prion
added 2021/06/07 12:15 p.m., 10 views

Information disclosure

DISPUTED In Accela Civic Platform through 21.1, the security/hostSignon.do parameter servProvCode is vulnerable to XSS. NOTE: The vendor states "there are configurable security flags and we are unable to reproduce them with the available information."...

CVSS 4.3, AI score 6.2, EPSS 0.10053
Exploits 5, References 2, Affected Software 1

Prion
added 2021/05/28 9:15 p.m., 12 views

Stack overflow

Stack overflow vulnerability in parse_statement_list in Cesanta MJS 1.20.1 allows remote attackers to cause a Denial of Service (DoS) via a crafted file...

CVSS 4.3, AI score 5.5, EPSS 0.00823
Exploits 1, References 1, Affected Software 1

CNNVD
added 2021/05/28 12:00 a.m., 5 views

Cesanta MJS buffer error vulnerability

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for microcontrollers with limited resources. A stack overflow vulnerability exists in parse_statement in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via specially crafted files to cause a denial of service...

CVSS 5.5, AI score 5.7, EPSS 0.00823
Exploits 1, References 2

CNNVD
added 2021/05/28 12:00 a.m., 3 views

Cesanta MJS buffer error vulnerability

Cesanta MJS is an embedded JavaScript engine for C/C++, designed for resource-constrained microcontrollers. A stack overflow vulnerability exists in parse_statement_list in Cesanta MJS version 1.20.1. An attacker can exploit this vulnerability via a specially crafted file to cause a denial of servi...

CVSS 5.5, AI score 5.7, EPSS 0.00823
Exploits 1, References 2

WPVulnDB
added 2021/05/27 12:00 a.m., 19 views

Side Menu < 3.1.5 - Authenticated (admin+) SQL Injection

The menu delete functionality of the plugin, available to Administrator users, takes the did GET parameter and uses it in an SQL statement without proper sanitisation, validation or escaping, therefore leading to a SQL Injection issue. PoC: GET /wp-admin/admin.php?page=side-menu=del=1%20OR%201=1...

CVSS 7.2, AI score 0.3, EPSS 0.01565
Exploits 2, References 1, Affected Software 1

Code423n4
added 2021/05/20 12:00 a.m., 7 views

Should reset timelockERC721s after calling transferERC721

Handle: shw. Vulnerability details. Impact: The function transferERC721 does not reset timelockERC721s after the NFT is transferred. If the same NFT token is time-locked again but with a different recipient, the recipient could not transfer the time-locked NFT by calling transferERC721 since he...

AI score 6.9
Exploits 0

RedHat Linux
added 2021/05/18 3:04 p.m., 3 views

libyang: double-free in yyparse() when a type statement is used in a notification statement

A double-free flaw occurs in libyang in function yyparse when a type statement is used in a notification statement. Applications that use libyang to process untrusted input YANG files may be vulnerable to this flaw, possibly causing a crash or potential code execution...

CVSS 8.8, AI score 7.3, EPSS 0.0279
Exploits 1, References 4

Prion
added 2021/05/14 12:15 p.m., 15 views

SQL injection

The requestlistrequest AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitise, validate or escape the orderid POST parameter before using it in a SQL statement, leading to a SQL Injection...

CVSS 7.5, AI score 9.7, EPSS 0.15089
Exploits 2, References 2, Affected Software 1

Cvelist
added 2021/05/14 11:38 a.m., 15 views

CVE-2021-24285 Car Seller - Auto Classifieds Script <= 2.1.0 - Unauthenticated SQL Injection

The requestlistrequest AJAX call of the Car Seller - Auto Classifieds Script WordPress plugin through 2.1.0, available to both authenticated and unauthenticated users, does not sanitise, validate or escape the orderid POST parameter before using it in a SQL statement, leading to a SQL Injection...

AI score 10, EPSS 0.15089
Exploits 2, References 2

Cvelist
added 2021/05/11 4:46 p.m., 11 views

CVE-2021-32573

The express-cart package through 1.1.10 for Node.js allows Reflected XSS for an admin via a user input field for product options. NOTE: the vendor states that this "would rely on an admin hacking his/her own website...

AI score 5.2, EPSS 0.00527
Exploits 1, References 1

The Hacker News
added 2021/05/11 7:35 a.m., 70 views

U.S. Declares Emergency in 17 States Over Fuel Pipeline Cyber Attack

The ransomware attack against Colonial Pipeline's networks has prompted the U.S. Federal Motor Carrier Safety Administration (FMCSA) to issue a regional emergency declaration in 17 states and the District of Columbia (D.C.). The declaration provides a temporary exemption to Parts 390 through 399 of t...

AI score 1.6
Exploits 0

ThreatPost
added 2021/04/28 2:02 p.m., 228 views

Chase Bank Phish Swims Past Exchange Email Protections

Threat actors are impersonating Chase Bank in two phishing attacks that can slip past Microsoft Exchange security protections in an aim to steal credentials from victims — by spoofing real-life customer scenarios. Researchers from Armorblox recently discovered the attacks, one of which claims to...

AI score 7.6
Exploits 0, References 7

CISA
added 2021/04/26 12:00 a.m., 23 views

FBI-DHS-CISA Joint Advisory on Russian Foreign Intelligence Service Cyber Operations

The Federal Bureau of Investigation (FBI), Department of Homeland Security, and CISA have released a Joint Cybersecurity Advisory (CSA) addressing Russian Foreign Intelligence Service (SVR) cyber actors—also known as Advanced Persistent Threat 29 (APT 29), the Dukes, CozyBear, and Yttrium—continued...

AI score 6.6
Exploits 0, References 6

Malwarebytes
added 2021/03/12 6:01 p.m., 47 views

150,000 Verkada security cameras hacked—to make a point

Hackers were able to gain access to camera feeds from Verkada, a tech company that specializes in video security and physical access control, to demonstrate how prevalent surveillance is, reports say. Unfortunately, it also exposed the inner workings of hospitals, clinics, and mental health...

AI score 0.4
Exploits 0

NVD
added 2021/03/11 5:15 p.m., 14 views

CVE-2021-28141

An issue was discovered in Progress Telerik UI for ASP.NET AJAX 2021.1.224. It allows unauthorized access to MicrosoftAjax.js through the Telerik.Web.UI.WebResource.axd file. This may allow the attacker to gain unauthorized access to the server and execute code. To exploit, one must use the...

CVSS 9.8, EPSS 0.02241
Exploits 1, References 2