An SQL Injection vulnerability exists in Trend Micro's SafeSync's deviceTool.pm Perl module. The vulnerability is due to insufficient validation of the user-supplied role or role parameter when sending a query to get the information about a SafeSync nic device. A remote, authenticated, attacker could exploit this vulnerability by sending an HTTP request with a malicious SQL query to the target server.
from Check Point Update Services Advisories http://ift.tt/2t9qqGw
Subscribe to:
Post Comments (Atom)
Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading
Cybersecurity researchers have uncovered a new phishing campaign that exploits social media private messages to propagate malicious payloads...
-
Original release date: November 08, 2018 Summary JBoss Verify and EXploitation tool (JexBoss) is an open-source tool used by cybersecurity...
-
Original release date: May 21, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded b...
-
Original release date: January 29, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been record...
-
It's no secret that learning how to code is one of the most important things you can do when it comes to the beginning or furthering pra...
-
Original release date: February 12, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recor...
-
Original release date: February 26, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recor...
-
Os estragos causados pelo ataque com ransomware ao Superior Tribunal de Justiça (STJ) ainda não são totalmente conhecidos. A Polícia Federa...
-
Original release date: January 08, 2018 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been record...
-
Original release date: March 9, 2020 The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD . In som...
-
A four-year-old severe vulnerability has been discovered in the Secure Shell (SSH) implementation library known as Libssh that could allow a...
No comments:
Post a Comment