Monthly Archive: January 2022
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter. Date published: 2022-01-31 http://packetstormsecurity.com/files/165882/Hospital-Management-System-4.0-SQL-Injection.html https://github.com/kishan0725/Hospital-Management-System/issues/17
The Logs plugin before 3.0.4 for Craft CMS allows remote attackers to read arbitrary files via input to actionStream in Controller.php. Date published: 2022-01-31 http://packetstormsecurity.com/files/165706/Ethercreative-Logs-3.0.3-Path-Traversal.html https://plugins.craftcms.com/logs
Flask-AppBuilder is an application development framework built on top of the Flask web framework. In affected versions there exists a user enumeration vulnerability. This vulnerability allows a non-authenticated user to enumerate existing...
Business Logic Errors in Packagist dolibarr/dolibarr prior to 16.0. Date published: 2022-01-31 https://huntr.dev/bounties/76f3b405-9f5d-44b1-8434-b52b56ee395f https://github.com/dolibarr/dolibarr/commit/37fb02ee760cfff18c795ba468da1ba1c53f4684
A flaw was found in the Linux kernel. A null pointer dereference in bond_ipsec_add_sa() may lead to local denial of service. Date published: 2022-01-31 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=105cd17a866017b45f3c45901b394c711c97bf40 https://syzkaller.appspot.com/bug?id=160f641886d88bf11cbf1236cc4db994bb210626