sql injection Archives • Page 5 of 6 • Daily CyberSecurity

CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection Apache Superset, Data Security

CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection

Do Son May 31, 2025

A serious security vulnerability has been discovered in Apache Superset, a widely used open-source data exploration and...

Earth Lamia: China-Linked APT Targets Global Industries with Custom Backdoors

Do Son May 28, 2025

Trend Micro’s latest threat intelligence report uncovers Earth Lamia — a stealthy and evolving China-nexus advanced persistent...

CVSS 10.0 Flaws in Siemens OZW Web Servers Enable Unauthenticated RCE and Admin Access CVE-2024-37998 and CVE-2024-39601 CVEs 2025-26389 and 2025-26390 Siemens OZW

CVE-2024-37998 and CVE-2024-39601 CVEs 2025-26389 and 2025-26390 Siemens OZW

CVSS 10.0 Flaws in Siemens OZW Web Servers Enable Unauthenticated RCE and Admin Access

Do Son May 14, 2025

Siemens has released a critical security advisory (SSA-047424) addressing two severe vulnerabilities—CVE-2025-26389 and CVE-2025-26390—affecting its OZW672 and...

Siemens Fixes 66 SQL Injection Flaws in TeleControl Server Basic Siemens, SQL Injection

Siemens Fixes 66 SQL Injection Flaws in TeleControl Server Basic

Do Son April 18, 2025

Siemens has released a critical security advisory addressing 66 high-severity SQL injection vulnerabilities impacting its TeleControl Server...

Joomla Security Alert: Critical SQL Injection & MFA Bypass Vulnerabilities Uncovered Joomla Vulnerability SQL Injection

Joomla Security Alert: Critical SQL Injection & MFA Bypass Vulnerabilities Uncovered

Do Son April 11, 2025

The Joomla Project has issued two security announcements addressing two significant vulnerabilities affecting its CMS and database...

Multiple Vulnerabilities in Zabbix Open the Door to XSS, DoS, and SQL Injection CVE-2024-36465

Multiple Vulnerabilities in Zabbix Open the Door to XSS, DoS, and SQL Injection

Do Son April 3, 2025

Zabbix, a cornerstone in IT infrastructure monitoring fixed five newly disclosed security vulnerabilities ranging from low-severity information...

Triple Threat in Frappe Framework: SQL Injection, RCE, and Info Disclosure Fixed in Recent Patches Frappe Framework vulnerability

Triple Threat in Frappe Framework: SQL Injection, RCE, and Info Disclosure Fixed in Recent Patches

Do Son March 27, 2025

Multiple critical security vulnerabilities have been identified in the Frappe Framework, a full-stack web framework powering ERPNext...

Apache VCL Hit by SQL Injection (CVE-2024-53678) and XSS (CVE-2024-53679) Vulnerabilities CVE-2024-53678 & CVE-2024-53679

Apache VCL Hit by SQL Injection (CVE-2024-53678) and XSS (CVE-2024-53679) Vulnerabilities

Do Son March 26, 2025

Apache VCL (Virtual Computing Lab), a widely-used open-source cloud computing platform designed to deliver custom computing environments,...

Critical Mattermost Flaws (CVE-2025-20051, CVE-2025-24490, CVE-2025-25279) Expose Systems to File Read and SQL Injection Attacks Mattermost Vulnerability, Remote Code Execution CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279

Mattermost Vulnerability, Remote Code Execution CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279

Critical Mattermost Flaws (CVE-2025-20051, CVE-2025-24490, CVE-2025-25279) Expose Systems to File Read and SQL Injection Attacks

Do Son February 24, 2025

Mattermost, an open-source platform for team communication and collaboration, has addressed three critical security vulnerabilities affecting its...

Exim Mail Transfer Agent Vulnerable to Remote SQL Injection (CVE-2025-26794), PoC Published CVE-2025-26794 Exim SQL Injection, Heap Buffer Overflow

CVE-2025-26794 Exim SQL Injection, Heap Buffer Overflow

Exim Mail Transfer Agent Vulnerable to Remote SQL Injection (CVE-2025-26794), PoC Published

Do Son February 23, 2025

A new vulnerability has been discovered in Exim, a widely used mail transfer agent (MTA) for Unix-like...

Operation Digital Eye: Chinese APT Exploits Visual Studio Code Tunnels in High-Stakes Espionage Campaign

Do Son December 11, 2024

In a sophisticated cyberespionage campaign dubbed Operation Digital Eye, SentinelOne and Tinexta Cyber uncovered activities linked to...

PoC Exploit Releases for Critical Zabbix Vulnerability – CVE-2024-42327 (CVSS 9.9) Screenshot 2024-12-03 172203

PoC Exploit Releases for Critical Zabbix Vulnerability – CVE-2024-42327 (CVSS 9.9)

Do Son December 3, 2024

Security researcher Alejandro Ramos has published a detailed technical analysis and proof-of-concept (PoC) exploit code for CVE-2024-42327,...

CVE-2024-42327 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Zabbix

Do Son November 27, 2024

Zabbix, a popular open-source IT infrastructure monitoring tool used by organizations worldwide, has been found to contain...

CVE-2024-20536: Cisco NDFC Vulnerability Grants Attackers Extensive Control Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

Cisco ISE Root Escalation * Read-Only Admin Exploit Cisco Secure FMC Vulnerability CVE-2026-20131 Cisco Meeting Management Vulnerability CVE-2026-20098 Cisco vulnerability, RCE flaw CVE-2025-20265 Cisco Meraki, VPN Vulnerability Cisco Nexus Dashboard - CVE-2024-20424 CVE-2025-20115 Cisco Vulnerability CVE-2018-0171 Privilege Escalation Cisco Unified Intelligence Center

CVE-2024-20536: Cisco NDFC Vulnerability Grants Attackers Extensive Control

Do Son November 7, 2024

In a recent security advisory, Cisco disclosed a high-severity SQL injection vulnerability, designated as CVE-2024-20536 (CVSS 8.8),...

Centreon Issues Critical Security Update: SQL Injection Vulnerabilities Threaten IT Monitoring Centreon RCE CVE-2026-2749 CVE-2024-33852 & CVE-2024-33853 Centreon Web

Centreon RCE CVE-2026-2749 CVE-2024-33852 & CVE-2024-33853 Centreon Web

Centreon Issues Critical Security Update: SQL Injection Vulnerabilities Threaten IT Monitoring

Do Son August 26, 2024

Centreon, a widely-used open-source monitoring solution, has issued a critical security bulletin addressing multiple SQL injection vulnerabilities...

1Panel Users Urged to Patch After Critical SQLi Flaws (CVE-2024-39911, CVSS 10) Discovered CVE-2024-39911 PoC

1Panel Users Urged to Patch After Critical SQLi Flaws (CVE-2024-39911, CVSS 10) Discovered

Do Son July 22, 2024

A critical SQL injection vulnerability, collectively endangering millions of Linux servers worldwide found in the popular open-source...

CVE-2024-6457 (CVSS 9.8): Critical Flaw in HUSKY Plugin Threatens 100K+ WooCommerce Stores

Do Son July 16, 2024

A critical vulnerability has been discovered in the widely-used WordPress plugin, HUSKY – Products Filter Professional for...

CVE-2024-5276 (CVSS 9.8): Critical SQLi Flaw in Fortra FileCatalyst Workflow, PoC Available CVE-2024-5276 PoC

CVE-2024-5276 (CVSS 9.8): Critical SQLi Flaw in Fortra FileCatalyst Workflow, PoC Available

Do Son June 26, 2024

A critical SQL Injection vulnerability (CVE-2024-5276) has been discovered in Fortra FileCatalyst Workflow, a popular enterprise file...

AI Agents Exploit Zero-Day Vulnerabilities with 53% Success AI Agents Vulnerabilities

AI Agents Exploit Zero-Day Vulnerabilities with 53% Success

Do Son June 10, 2024

In a groundbreaking development, researchers at the University of Illinois Urbana-Champaign have demonstrated that teams of AI...

CVE-2024-5522 (CVSS 10): Critical Security Flaw Threatens Thousands of WordPress Sites

Do Son May 30, 2024

WordPress users who have installed the popular HTML5 Video Player plugin are urged to take immediate action...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

sql injection

CVE-2025-48912: Apache Superset Flaw Allows Row-Level Security Bypass via SQL Injection

Earth Lamia: China-Linked APT Targets Global Industries with Custom Backdoors

CVSS 10.0 Flaws in Siemens OZW Web Servers Enable Unauthenticated RCE and Admin Access

Siemens Fixes 66 SQL Injection Flaws in TeleControl Server Basic

Joomla Security Alert: Critical SQL Injection & MFA Bypass Vulnerabilities Uncovered

Multiple Vulnerabilities in Zabbix Open the Door to XSS, DoS, and SQL Injection

Triple Threat in Frappe Framework: SQL Injection, RCE, and Info Disclosure Fixed in Recent Patches

Apache VCL Hit by SQL Injection (CVE-2024-53678) and XSS (CVE-2024-53679) Vulnerabilities

Critical Mattermost Flaws (CVE-2025-20051, CVE-2025-24490, CVE-2025-25279) Expose Systems to File Read and SQL Injection Attacks

Exim Mail Transfer Agent Vulnerable to Remote SQL Injection (CVE-2025-26794), PoC Published

Operation Digital Eye: Chinese APT Exploits Visual Studio Code Tunnels in High-Stakes Espionage Campaign

PoC Exploit Releases for Critical Zabbix Vulnerability – CVE-2024-42327 (CVSS 9.9)

CVE-2024-42327 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Zabbix

CVE-2024-20536: Cisco NDFC Vulnerability Grants Attackers Extensive Control

Centreon Issues Critical Security Update: SQL Injection Vulnerabilities Threaten IT Monitoring

1Panel Users Urged to Patch After Critical SQLi Flaws (CVE-2024-39911, CVSS 10) Discovered

CVE-2024-6457 (CVSS 9.8): Critical Flaw in HUSKY Plugin Threatens 100K+ WooCommerce Stores

CVE-2024-5276 (CVSS 9.8): Critical SQLi Flaw in Fortra FileCatalyst Workflow, PoC Available

AI Agents Exploit Zero-Day Vulnerabilities with 53% Success

CVE-2024-5522 (CVSS 10): Critical Security Flaw Threatens Thousands of WordPress Sites