Tag: sql

Root-Zugriff durch SQL-Injection-Lücke in Firepower möglich

Jun 5, 2024 9:04 AM

Tags: access, cisco, injection, sql

First seen on heise.de Jump to article: www.heise.de/news/Cisco-Root-Zugriff-durch-SQL-Injection-Luecke-in-Firepower-moeglich-9729121.html
Critical wpDataTables Vulnerability Let Attackers Perform SQL Injection

Jun 5, 2024 8:03 AM

Tags: data, injection, sql, vulnerability, wordpress

A critical security vulnerability has been discovered in the wpDataTables WordPress Data Table, Dynamic Tables & Table Charts Plugin, a popular pl… First seen on gbhackers.com Jump to article: gbhackers.com/critical-wpdatatables-vulnerability/
Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

May 30, 2024 8:21 AM

Tags: attack, cisco, injection, software, sql, vulnerability

A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software’s web-based management interface. This vulnerability… First seen on gbhackers.com Jump to article: gbhackers.com/cisco-firepower-vulnerability/
A high-severity vulnerability affects Cisco Firepower Management Center

May 29, 2024 9:13 PM

Tags: cisco, injection, sql, vulnerability

Cisco addressed a SQL injection vulnerability in the web-based management interface of the Firepower Management Center (FMC) Software. Cisco addresse… First seen on securityaffairs.com Jump to article: securityaffairs.com/163718/security/a-high-severity-vulnerability-affects-cisco-firepower-management-center.html
Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM)

May 26, 2024 1:20 PM

Tags: endpoint, flaw, injection, ivanti, remote-code-execution, sql

Ivanti addressed multiple flaws in the Endpoint Manager (EPM), including remote code execution vulnerabilities. Ivanti this week rolled out security p… First seen on securityaffairs.com Jump to article: securityaffairs.com/163587/security/ivanti-endpoint-manager-critical-sql-injection.html
SolarWinds Updates Plan Explorer to Boost SQL Query Performance

May 24, 2024 9:20 PM

Tags: sql, update

First seen on scmagazine.com Jump to article: www.scmagazine.com/news/solarwinds-updates-plan-explorer-to-boost-sql-query-performance
Mallox Ransomware Deployed Via MS-SQL Honeypot Attack

May 16, 2024 10:06 AM

Tags: attack, ransomware, sql

First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mallox-ransomware-deployed-via-ms/
Researchers Hacked Apple Infrastructure Using SQL Injection

May 12, 2024 1:19 PM

Tags: apple, infrastructure, injection, sql

Researchers found several points of entry for potential attackers, one of which was Apple’s Book Travel portal, where they took advantage of a signifi… First seen on gbhackers.com Jump to article: gbhackers.com/apple-infrastructure-sql-injection/
Threat Actors Attacking MS-SQL Servers to Deploy Ransomware

May 3, 2024 8:40 AM

Tags: cyberattack, cybersecurity, microsoft, ransomware, sql

Cybersecurity experts have uncovered a series of sophisticated cyberattacks targeting poorly managed Microsoft SQL (MS-SQL) servers. The attackers, id… First seen on gbhackers.com Jump to article: gbhackers.com/ms-sql-deploy-ransomware/
Grafana Tool Vulnerability Let Attackers Inject SQL Queries

Apr 30, 2024 4:40 PM

Tags: injection, monitoring, open-source, sql, tool, vulnerability

The popular open-source platform Grafana, widely used for monitoring and observability, has been found to contain a severe SQL injection vulnerability… First seen on gbhackers.com Jump to article: gbhackers.com/grafana-tool-vulnerability/
WP Automatic WordPress plugin hit by millions of SQL injection attacks

Apr 28, 2024 5:40 PM

Tags: attack, hacker, injection, sql, vulnerability, wordpress

Hackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative … First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/wp-automatic-wordpress-plugin-hit-by-millions-of-sql-injection-attacks/
SQL injection vulnerability in Fortinet software under attack

Apr 25, 2024 9:40 PM

Tags: attack, cisa, cve, fortinet, injection, software, sql, vulnerability

Fortinet and CISA confirmed CVE-2023-48788 is being actively exploited. But the Shadowserver Foundation found that many vulnerable instances remain on… First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366575417/SQL-injection-vulnerability-in-Fortinet-software-under-attack
Uncle Sam’s had it up to here with ‘unforgivable’ SQL injection flaws

Apr 19, 2024 3:39 PM

Tags: flaw, injection, sql

First seen on theregister.com Jump to article: www.theregister.com/2024/03/26/fbi_cisa_sql_injection/
Schwere Sicherheitslücke in WordPress-Plugin Layerslider – SQL-Injection eröffnet Angreifer Zugang zu WordPress

Apr 16, 2024 6:17 AM

Tags: bug, injection, sql, wordpress

First seen on security-insider.de Jump to article: www.security-insider.de/kritische-sicherheitsluecke-layerslider-plugin-entdeckt-a-a2f1c11fa3a5fb78c1bd3639abea4a90/
LayerSlider Plugin Flaw Exposes 1M Sites To SQL Injections

Apr 15, 2024 9:16 PM

Tags: data-breach, flaw, injection, sql, wordpress

Recent media reports have revealed a crucial LayerSlider plugin flaw. According to these reports, this flaw has exposed numerous WordPress sites to SQ… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/04/layerslider-plugin-flaw-exposes-1m-sites-to-sql-injections/
Critical Security Flaw Exposes 1 Million WordPress Sites to SQL Injection

Apr 11, 2024 8:02 PM

Tags: bug-bounty, flaw, injection, sql, vulnerability, wordpress

A researcher received a $5,500 bug bounty for discovering a vulnerability (CVE-2024-2879) in LayerSlider, a plug-in with more than a million active in… First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/critical-security-flaw-wordpress-sql-injection
How to Tame SQL Injection

Apr 10, 2024 7:36 PM

Tags: injection, sql

First seen on darkreading.com Jump to article: www.darkreading.com/application-security/tools-and-techniques-to-tame-sql-injection
CISA and FBI Issue Alert on SQL Injection Vulnerabilities

Apr 9, 2024 7:36 PM

Tags: cisa, injection, software, sql, vulnerability

SQL injection vulnerabilities, often abbreviated as SQLi, persist as a significant issue in commercial software products. In response to a recent high… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/04/cisa-and-fbi-issue-alert-on-sql-injection-vulnerabilities/
Critical flaw in LayerSlider WordPress plugin impacts 1 million sites

Apr 5, 2024 12:36 AM

Tags: flaw, injection, sql, vulnerability, wordpress

A premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prio… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/critical-flaw-in-layerslider-wordpress-plugin-impacts-1-million-sites/
Critical Vulnerability Found in LayerSlider Plugin Installed on a Million WordPress Sites

Apr 4, 2024 1:36 PM

Tags: injection, sql, vulnerability, wordpress

A critical SQL injection vulnerability in the LayerSlider WordPress plugin allows attackers to extract sensitive information. The post al SQL injectio… First seen on securityweek.com Jump to article: www.securityweek.com/critical-vulnerability-found-in-layerslider-plugin-installed-on-a-million-wordpress-sites/
Feds Seek Secure-by-Design Armageddon for SQL Injection Bugs

Apr 4, 2024 7:36 AM

Tags: hacker, injection, sql, vulnerability

Hackers Continue to Abuse Easily Preventable Vulnerability to Cause Massive Damage What will it take to rid the world of SQL injection vulnerabilities… First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/blogs/feds-seek-secure-by-design-armageddon-for-sql-injection-bugs-p-3599
Secure by Design: CISA und FBI wollen SQL-Injections den Garaus machen

Mar 27, 2024 2:37 AM

Tags: cisa, injection, sql

First seen on heise.de Jump to article: www.heise.de/news/Secure-by-Design-CISA-und-FBI-wollen-SQL-Injections-den-Garaus-machen-9666289.html
CISA and FBI Urge Renewed Effort to Eliminate SQL Injection Flaws

Mar 27, 2024 2:37 AM

Tags: cisa, flaw, injection, sql

First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-fbi-renewed-effort-eliminate/
CISA Seeks to Curtail ‘Unforgivable’ SQL Injection Defects

Mar 27, 2024 2:37 AM

Tags: cisa, injection, sql

First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/cisa-seeks-to-stem-unforgivable-sql-injection-defects
CISA Warns Of Active Exploitation Of Flaws In Fortinet, Ivanti, Nice Linear

Mar 27, 2024 2:37 AM

Tags: cve, exploit, flaw, fortinet, ivanti, sql, vulnerability

A recent security alert warns of three critical vulnerabilities actively exploited in the wild, of which the first is CVE-2023-48788, an SQL injection… First seen on gbhackers.com Jump to article: gbhackers.com/cisa-warns-of-active-exploitation/
CISA FBI Warns that Hackers Use SQL Injection Vulnerabilities to hack Servers

Mar 27, 2024 2:37 AM

Tags: cybersecurity, hacker, infrastructure, injection, sql, technology, vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have warned technology manufacturers and their c… First seen on gbhackers.com Jump to article: gbhackers.com/cisa-fbi-warns-sql-injection/
CISA urges software devs to weed out SQL injection vulnerabilities

Mar 27, 2024 2:37 AM

Tags: cisa, injection, software, sql, vulnerability

CISA and the FBI urged executives of technology manufacturing companies to prompt formal reviews of their organizations’ software and implement mitiga… First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-urges-software-devs-to-weed-out-sql-injection-vulnerabilities/
US Government Urges Software Makers to Eliminate SQL Injection Vulnerabilities

Mar 26, 2024 9:37 PM

Tags: cisa, government, injection, software, sql, vulnerability

CISA and the FBI issue a secure-by-design alert on eliminating SQL injection vulnerabilities from software. The post the FBI issue a secure-by-design… First seen on securityweek.com Jump to article: www.securityweek.com/us-government-urges-software-makers-to-eliminate-sql-injection-vulnerabilities/
Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks

Mar 26, 2024 7:37 PM

Tags: attack, cve, exploit, fortinet, injection, sql, vulnerability

CVE-2023-48788, a critical SQL injection vulnerability in Fortinet’s FortiClient EMS product, is being exploited in the wild. The post -48788, a criti… First seen on securityweek.com Jump to article: www.securityweek.com/recent-fortinet-forticlient-ems-vulnerability-exploited-in-attacks/
Exploit Released For Critical Fortinet RCE Flaw: Patch Soon!

Mar 25, 2024 1:17 PM

Tags: flaw, fortinet, rce, remote-code-execution, sql, update

FortiClientEMS (Enterprise Management Server), the security solution used for scalable and centralized management, was discovered with an SQL injectio… First seen on gbhackers.com Jump to article: gbhackers.com/exploit-fortinet-rce-flaw-patch/