Multiple SQL injection vulnerabilities have been disclosed in Gentoo Soko that could lead to remote code execution (RCE) on vulnerable systems.
"These SQL injections happened despite the use of an Object-Relational Mapping (ORM) library and prepared statements," SonarSource researcher Thomas Chauchefoin said, adding they could result in RCE on Soko because of a "misconfiguration of the database."
http://dlvr.it/SrPQ9z