CVE-2024-1878 | SourceCodester Employee Management System 1.0 /myprofile.php id sql injection
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /myprofile.php. The manipulation of the argument id with the input 1%20or%201=1 …
CVE-2024-1877 | SourceCodester Employee Management System 1.0 /cancel.php id sql injection
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /cancel.php. The manipulation of the argument id with the input 1%20or%…
CVE-2024-1876 | SourceCodester Employee Management System 1.0 /psubmit.php pid sql injection
A vulnerability was found in SourceCodester Employee Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /psubmit.php. The manipulation of the argument pid with the input '+or+1%3d1%23 leads to sql injection.
This vulnerability is traded as CVE-2024-1876. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
CVE-2024-1875 | SourceCodester Complaint Management System 1.0 Lodge Complaint Section register-complaint.php unrestricted upload
A vulnerability was found in SourceCodester Complaint Management System 1.0 and classified as critical. This issue affects some unknown processing of the file users/register-complaint.php of the component Lodge Complaint Section. The manipulation leads…
How to bypass the Snort rule?
I am learning Snort rules and faced difficulties with the following exercise.
Give examples of requests which bypass the following rule.
alert http $EXTERNAL_NET any -> $HTTP_SERVERS $HTTP_PORTS (msg:"SQL Injection Attempt"; …
CVE-2022-48626 | Linux Kernel up to 5.16.8 moxart moxart_remove use after free
A vulnerability has been found in Linux Kernel up to 5.16.8 and classified as critical. This vulnerability affects the function moxart_remove of the component moxart. The manipulation leads to use after free.
This vulnerability was named CVE-2022-4862…
CVE-2021-46904 | Linux Kernel up to 5.11.13 hso get_free_serial_index use after free
A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.11.13. This affects the function get_free_serial_index of the component hso. The manipulation leads to use after free.
This vulnerability is uniquely identified as CV…
CVE-2021-46905 | Linux Kernel up to 5.12.0 hso hso_serial_tty_unregister null pointer dereference
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 5.12.0. Affected by this issue is the function hso_serial_tty_unregister of the component hso. The manipulation leads to null pointer dereference.
This vulnerabili…
Any "smart" way to disable telemetry of a web application on OS/hardware level? Any specific guide/tool recommended if we use Linux and an LNMP env?
Let’s say we know as a fact that a PHP web application has baked-in telemetry to collect data. Without scanning through the codebase, is there any quick hack or tool with which we can force the telemetry to become useless, given that we have full access to the har…