CVE-2022-42744 - How a Simple entriesPerPage Parameter Exposed CandidATS 3.. to SQL Injection and Unrestricted Database Operations
In the world of recruitment software, security doesn’t always get the spotlight it deserves. CandidATS—an open-source applicant tracking system—made headlines after the
CVE-2022-43062 - SQL Injection Exploit in Online Diagnostic Lab Management System v1. (Full Analysis and Exploit Guide)
Security flaws in healthcare web applications can be disastrous, exposing sensitive data and allowing hackers complete control. In this post, we dive deep into CVE-2022-43062,
CVE-2020-22819: Exploring SQL Injection Vulnerability in MKCMS V6.2 through /ucenter/active.php Verify Parameter
In this long read, we will explore the SQL Injection vulnerability found in MKCMS V6.2 with the CVE Identifier CVE-2020-22819. SQL Injection is a
CVE-2020-22820: MKCMS V6.2 SQL Injection Vulnerability and Exploit Details via /ucenter/repass.php Name Parameter
CVE-2020-22820 came to notice when it was discovered that MKCMS V6.2 has a significant vulnerability, i.e., a SQL Injection through the "
CVE-2021-37823 - How OpenCart 3..3.7 Exposes Your Database & Files With a Simple SQL Injection
OpenCart is a popular open-source e-commerce platform—but like many web apps, it’s faced its share of security problems. One of the most serious?