CVE-2024-54151 - Critical Directus WebSockets Vulnerability—How Unauthenticated Users Can Become Admins
Directus is a popular open-source platform that turns any SQL database into a powerful real-time API and user-friendly admin dashboard. With Directus, teams can manage
CVE-2024-54920 - SQL Injection in kashipara E-learning Management System v1. (teacher_signup.php) – Exploit Details & Walkthrough
A recently discovered vulnerability, CVE-2024-54920, has made headlines in the security community. This SQL Injection flaw was found in the /teacher_signup.php file of
CVE-2024-53947 - New Wave of SQL Injection in Apache Superset—Fresh Functions, Fresh Danger
Summary:
A fresh SQL Injection vulnerability—CVE-2024-53947—has just hit Apache Superset, affecting all versions below 4.1.. This new issue expands on CVE-2024-39887 and
CVE-2024-53908 - Oracle SQL Injection in Django’s HasKey Lookup - What You Need to Know
Recently, a critical security issue was unearthed in the Django framework, specifically tied to the HasKey JSON field lookup when interacting with Oracle databases. This
CVE-2024-11728 - Critical SQL Injection in KiviCare WordPress Plugin Exposes Patient Data
The web is an increasingly popular place for healthcare management, but security oversights can put sensitive information at risk. Recently, security researchers and the Wordfence
Episode
00:00:00
00:00:00