7 Hot Cyber Threat Trends to Expect at Black Hat

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database CVE-2021-26227
PUBLISHED: 2021-07-22

Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the student information parameters to edit_stud.php.

CVE-2021-26228
PUBLISHED: 2021-07-22

SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_class1.php.

CVE-2021-26229
PUBLISHED: 2021-07-22

SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_stud.php.

CVE-2021-26230
PUBLISHED: 2021-07-22

Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the user information to save_user.php.

CVE-2021-26231
PUBLISHED: 2021-07-22

SQL injection vulnerability in SourceCodester Fantastic Blog CMS v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to category.php.

Read More HERE

Leave a Reply