CVE-2023-39526 - How Hackers Could Own PrestaShop Stores With Just SQL Injection
PrestaShop is a popular open source online store software. It helps thousands of businesses, big and small, manage and sell products over the Internet. Unfortunately,
CVE-2023-37470 - Remote Code Execution in Metabase via H2 Connection String Injection
Metabase is a widely used open-source business intelligence (BI) and analytics platform, popular for helping users visualize and analyze their data with ease. In mid-2023,
CVE-2023-26439 - Exploiting Insecure Input Handling in cacheservice API for SQL Injection and Data Exposure
Introduction
*CVE-2023-26439* is a security vulnerability discovered within the widely-used cacheservice API. This flaw allowed attackers on local or restricted networks to submit specially
CVE-2023-26440 - How Weak Input Sanitization in Cacheservice API Exposed Hidden SQL Injection Risks
A recent security issue, CVE-2023-26440, was identified in the _cacheservice_ API, revealing how insufficient input checks led to a critical SQL injection vulnerability. This flaw
CVE-2023-3993 - How a GitLab Logging Bug Could Leak Your Access Tokens
If you’re responsible for securing GitLab, this story’s for you. In mid-2023, a severe vulnerability—CVE-2023-3993—was found in GitLab Enterprise Edition (EE)