Red Hat Security Advisory 2020-5175-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8. Issues addressed include a remote SQL injection vulnerability.
03836c1adb86dcbbd973c50adde4b91eRed Hat Security Advisory 2020-5174-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3. Issues addressed include a remote SQL injection vulnerability.
63e165c7fabd40e538c328aef56ed1c5xuucms version 3 suffers from a remote SQL injection vulnerability.
c0a81aa562cb050ae8e03852cc39f6b4EgavilanMedia User Registration and Login System with Admin Panel versions released prior to November 17, 2020 appear susceptible to a remote SQL injection vulnerability that allows for authentication bypass.
386040b94aeb0a9e7acd29c574971b7cSocial Networking Site versions released prior to November 17, 2020 have been found susceptible to a remote SQL injection vulnerability that allows for authentication bypass.
69166da87cd3b01edb95f12154b8e131Medical Center Portal Management System released prior to November 16, 2020 have been identified as being susceptible to a local file inclusion vulnerability.
ebb1a8cb615f15dc9ac1503fc00676dcOnline Doctor Appointment Booking System PHP and MySQL version 1.0 suffers from a remote SQL injection vulnerability.
3e8e325ed4abf3f78a52effcfddad10fCar Rental Management System version 1.0 suffers from a remote SQL injection vulnerability. This version was already found to be susceptible to SQL injection by Fortunato Lodari in November of 2020.
defd2a54dc1a181b64dd2a0814b1a9acWater Billing System version 1.0 suffers from a remote SQL injection vulnerability. This version was already found to be susceptible to SQL injection by Sarang Tumne in November of 2020.
cdf15919c354982789288da1a3ee844bPandora FMS version 7.0 NG 749 suffers from a remote SQL injection vulnerability.
0a96fd3db600fad511975ab2704c5f66WordPress Good LMS plugin versions 2.1.4 and below suffer from a remote SQL injection vulnerability.
9bbed742fa8c8c3131f171c267ebfd1eWater Billing System version 1.0 suffers from a remote SQL injection vulnerability.
851dedf47fd4bd28e7b16069015cd160Customer Support System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
22a19ae8bd0680fc3d1bfdab3fb9b645Car Rental Management System version 1.0 remote SQL injection and shell upload exploit.
7028cda543bffd9460cbc39e018092daOnline Book Store version 1.0 suffers from a remote SQL injection vulnerability. This is a variant of the original vulnerability discovered in August of 2020 by Moaaz Taha.
d00d1df95e2d22bc5aa1b78b4bde7553Red Hat Security Advisory 2020-4961-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This release of Red Hat Process Automation Manager 7.9.0 serves as an update to Red Hat Process Automation Manager 7.8.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection, denial of service, improper authorization, man-in-the-middle, server-side request forgery, and remote SQL injection vulnerabilities.
68f0e5928f9e668ab1fbfb9ffb511bffRed Hat Security Advisory 2020-4960-01 - Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. This release of Red Hat Decision Manager 7.9.0 serves as an update to Red Hat Decision Manager 7.8.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include XML injection, denial of service, improper authorization, man-in-the-middle, server-side request forgery, and remote SQL injection vulnerabilities.
a2b5a8d32a1b651da55bbb42b8f7ae36SmartBlog version 2.0.1 suffers from a remote blind SQL injection vulnerability.
a8136efdf513dac00bed13d8b3e40e1cStudent Attendance Management System version 1.0 suffers from a remote SQL injection vulnerability that could lead to code execution.
381fc01d9bd38316f3c147d991777a42School Log Management System version 1.0 suffers from a remote SQL injection vulnerability that could lead to code execution.
d747075f51888722bb766ae5265274faComplaints Report Management System version 1.0 suffers from a remote SQL injection vulnerability that can allow for remote code execution.
34a90af2fd41a3b86d73ac2e42ef8ce0sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
047d55e3aa2b4d5456c4bc7f12d87f75Multi Restaurant Table Reservation System version 1.0 suffers from an unauthenticated remote SQL injection vulnerability.
efabcf6a433d34eec9adc4b042e32893Simple College Website version 1.0 suffers from code execution and remote SQL injection vulnerabilities.
b79435331f73ab8e247db7039783c59fLot Reservation Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
3840f5563afd9a3a71808da95da9f196
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed