CVE-2025-24353 - How a Directus Role Escalation Bug Exposed Hidden Data
Directus is a popular open source platform for managing SQL database content through a modern API and dashboard—trusted by thousands of teams worldwide. But
CVE-2023-27112 - SQL Injection in pearProjectApi v2.8.10 (project.php `projectCode` Parameter) Explored
In early 2023, a serious vulnerability was discovered in the popular open-source tool pearProjectApi, version 2.8.10. This post dives into CVE-2023-27112, an SQL
CVE-2023-27113 - SQL Injection in pearProjectApi v2.8.10 via organizationCode (project.php) – A Deep Dive
In early 2023, a critical SQL injection vulnerability was discovered in the popular PHP project management tool, pearProjectApi (version 2.8.10). Tracked as CVE-2023-27113,
CVE-2025-21555 - Critical InnoDB Vulnerability in MySQL Server - How Attackers Can Crash or Tamper with Your Database (Exploit Details Inside)
A new, easily exploitable vulnerability, CVE-2025-21555, was recently discovered in Oracle's MySQL Server (affecting InnoDB component). If your MySQL Server runs version 8.
CVE-2025-21540 - Privilege Escalation and Unauthorized Data Access in Oracle MySQL Server
In June 2024, Oracle disclosed a serious privilege vulnerability affecting the MySQL Server product—CVE-2025-21540. This flaw, present in MySQL versions 8..40 and prior,