CVE-2021-33177, CVE-2021-33178, and CVE-2021-33179 are SQL injection, path traversal, and XSS vulnerabilities in the popular application, service, …
Tag: Mozi botnet
Form Tools 3.0.20 – Vulnerabilities – GitHub Pages
Form Tools 3.0.20 – Vulnerabilities · CVE-2021-38143 – Stored XSS · CVE-2021-38144 – Reflected XSS · CVE-2021-38145 – SQL Injection.
Related:
Nuishop 2.3 sql injection [CVE-2020-20675] – Cloud WAF
Nuishop 2.3 sql injection [CVE-2020-20675]. August 27, 2021. Virtual Patching. A vulnerability has been found in Nuishop 2.3 and classified as critical.
Related:
Vulnerability Details : CVE-2020-18476
CVE-2020-18476 : SQL Injection vulnerability in Hucart CMS 5.7.4 via the basic information field found in the avatar usd_image field.
Related:
Vulnerability Details : CVE-2021-38168
CVE-2021-38168 : Roxy-WI through 5.2.2.0 allows authenticated SQL injection via select_servers.
Related:
Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Web Management Vulnerabilities
Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an attacker to do the following:
- Execute arbitrary code
- Cause a denial of service (DoS) condition
- Execute arbitrary commands
For more information about these vulnerabilities, see the Details section of this advisory.
Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.
This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv340-cmdinj-rcedos-pY8J3qfy
Security Impact Rating: Critical
CVE: CVE-2021-1609,CVE-2021-1610
Related:
Patching Woes: CVEs Most Frequently Exploited Listed
Accellion: CVE-2021-27101, SQL injection; CVE-2021-27102, OS command execution; CVE-2021-27103, server-side request forgery; …
Related:
Patching Woes: Most Frequently Exploited CVEs Listed
Accellion: CVE-2021-27101, SQL injection; CVE-2021-27102, OS command execution; CVE-2021-27103, server-side request forgery; and …
Related:
New post from (Oracle Database Server 10.1.0.5 sql injection [CVE-2007-2113] [D… – Bug Bounty …
… 10.1.0.5 sql injection [CVE-2007-2113] [Disputed]) has been published on https://t.co/mWtPzA5ZZs · Penetration Testing Hybrid, SQL INJECTION …
Related:
Citrix advisory on Microsoft Windows Print Spooler Vulnerabilities (CVE-2021-34527 & CVE-2021-1675)
Apply the security updates for CVE-2021-34527 & CVE-2021-1675
Note: that the security updates released on and after July 6, 2021 contain protections for CVE-2021-1675 and the additional remote code execution exploit in the Windows Print Spooler service known as “PrintNightmare”, documented in CVE-2021-34527.