-
Mar 1, 2024 | 
packetstormsecurity.com | Fernando Mengali
- Title: Membership Management System - SQL injection- Application: Hospital Management System- Date: 01.03.2024- Bugs: SQL injection- Exploit Author: SoSPiro- Vendor Homepage: https://codeastro.com/author/nbadmin/- Software Link: https://codeastro.com/membership-management-system-in-php-with-source-code/- Version: 1.0- Tested on: Windows 10 64 bit Wampserver### Vulnerability Description:The provided payload in the POST request indicates a potential SQL injection vulnerability.
-
Mar 1, 2024 | 
packetstormsecurity.com | Fernando Mengali
==========================================================================Ubuntu Security Notice USN-6670-1February 29, 2024php-guzzlehttp-psr7 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTS (Available with Ubuntu Pro)- Ubuntu 20.04 LTSSummary:Several header injection issues were fixed in php-guzzlehttp-psr7.
-
Mar 1, 2024 | 
packetstormsecurity.com | Fernando Mengali
==========================================================================Ubuntu Security Notice USN-6651-3February 29, 2024linux-starfive-6.5 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:Several security issues were fixed in the Linux kernel.
-
Mar 1, 2024 | 
packetstormsecurity.com | Fernando Mengali
The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1055.jsonRed Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.
-
Mar 1, 2024 | 
packetstormsecurity.com | Fernando Mengali
The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1061.jsonRed Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.
-
Feb 29, 2024 | 
packetstormsecurity.com | Fernando Mengali
The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1027.jsonRed Hat officially shut down their mailing list notifications October 10, 2023. Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.
-
Feb 29, 2024 | 
packetstormsecurity.com | Fernando Mengali
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024Original source: https://malvuln.com/advisory/2a442d3da88f721a786ff33179c664b7.txtContact: [email protected]: twitter.com/malvulnThreat: Backdoor.Win32.Agent.amtVulnerability: Authentication BypassDescription: The malware can run an FTP server which listens on TCP port 2121. Third-party attackers who can reach infected systems can logon using any username/password combination.
-
Feb 29, 2024 | 
packetstormsecurity.com | Fernando Mengali
==========================================================================Ubuntu Security Notice USN-6653-2February 28, 2024linux-aws, linux-aws-5.15 vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:Several security issues were fixed in the Linux kernel.
-
Feb 29, 2024 | 
packetstormsecurity.com | Fernando Mengali
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5634-1 [email protected] https://www.debian.org/security/ Andres Salomon February 28, 2024 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : chromium CVE ID : CVE-2024-1938 CVE-2024-1939 Multiple security issues were discovered in Chromium, which could result in the...
-
Feb 29, 2024 | 
packetstormsecurity.com | Fernando Mengali
# Exploit Title: IDonate – blood request management system <=1.8.1 - Stored Cross-Site Scripting (Authenticated) # Date: 29-02-2024 # Exploit Author: Laburity Research Team # Vendor Homepage: https://wordpress.org/plugins/idonate/ # Version: <=1.8.1 # Tested on: Firefox # Contact me: contact [at] laburity.com # Summary: A cross site scripting stored vulnerability has been identified in WordPress Plugin IDonate – blood request management system version less then 1.8.1. that allows...
