sql injection – Page 2 – MCYSEKA-Maritime Cyber Security Knowledge Archive

Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution

SQL injection vulnerabilities in Gentoo Soko could lead to remote code execution (RCE) on impacted systems. SonarSource researchers discovered two SQL injection vulnerabilities in Gentoo Soko, collectively tracked as CVE-2023-28424 (CVSS score: 9.1) [1],[2], that can be exploited by a remote attacker to execute arbitrary code on vulnerable systems. “The two package search handlers, Search […]

The post Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution appeared first on Security Affairs.

June 28, 2023

0 comment

MOVEit mayhem 3: “Disable HTTP and HTTPS traffic immediately”

Twice more unto the breach… patch being tested, in the meantime, shut down web access.

June 16, 2023

0 comment

It’s time to patch your MOVEit Transfer solution again!

Progress Software customers who use the MOVEit Transfer managed file transfer solution might not want to hear it, but they should quickly patch their on-prem installations again: With the help of researchers from Huntress, the company has uncovered add…

June 12, 2023

0 comment

Zero-day MOVEit Transfer vulnerability exploited in the wild, heavily targeting North America

Read the technical details about this zero-day MoveIT vulnerability, find out who is at risk, and learn how to detect and protect against this SQL injection attack.
The post Zero-day MOVEit Transfer vulnerability exploited in the wild, heavily targetin…

June 6, 2023

0 comment

Hack The Box: Metatwo Machine Walkthrough – Easy Difficulty

In this post, I would like to share a walkthrough of the Metatwo Machine from Hack the Box This room will be considered a medium machine on Hack the Box What will you gain from the Metatwo machine? For the user flag, you will need to abuse the WordPress server which one of the plugins has […]

The post Hack The Box: Metatwo Machine Walkthrough – Easy Difficulty appeared first on Threatninja.net.

April 29, 2023

0 comment

HashiCorp Vault vulnerability could lead to RCE, patch today! (CVE-2023-0620)

Oxeye discovered a new vulnerability (CVE-2023-0620) in the HashiCorp Vault Project, an identity-based secrets and encryption management system that controls access to API encryption keys, passwords, and certificates. The vulnerability was an SQL injec…

April 12, 2023

0 comment

SQLiDetector : Simple Python Script Supported With BurpBouty Profile To Detect SQL Injection

SQLiDetector is a simple python script supported with BurpBouty profile that helps you to detect SQL injection “Error based” by sending multiple requests with 14 payloads and checking for 152 regex patterns for different databases. Description The main idea for the tool is scanning for Error Based SQL Injection by using different payloads like And […]

February 18, 2023

0 comment

Ghauri : Automates The Process Of Detecting And Exploiting SQL Injection Security Flaws

Ghauri is an advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws. Requirements Installation Download Ghauri You can download the latest version of Ghauri by cloning the GitHub repository. Features Advanced Usage Legal disclaimer

February 16, 2023

0 comment

LearnPress Plugin Vulnerabilities Risk Numerous WordPress Sites

Researchers discovered multiple vulnerabilities in the LearnPress WordPress plugin, allowing SQL injection and file inclusion…
LearnPress Plugin Vulnerabilities Risk Numerous WordPress Sites on Latest Hacking News | Cyber Security News, Hacking T…

January 30, 2023

0 comment

This “teler-waf” Tool Protects Go Apps From Web-based Attacks

A security researcher has released a new security tool that fends off web-based attacks like…
This “teler-waf” Tool Protects Go Apps From Web-based Attacks on Latest Hacking News | Cyber Security News, Hacking Tools and Penetration Testing Course…

January 16, 2023

0 comment

1 2

M	T	W	T	F	S	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28

M	T	W	T	F	S	S
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28