Aggregator

本文简单描述了CodeQL的功能和使用场景，并介绍了VS Code中如何使用CodeQL。

A vulnerability, which was classified as problematic, was found in Netart Media Pharmacy System up to 2. Affected is an unknown function of the file index.php of the component Error Message Handler. The manipulation of the argument page leads to information disclosure. This vulnerability is traded as CVE-2007-3434. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

在无视巴西法院的命令三周之后，马斯克的 X 屈服，在周五递交的一份法庭文件中，公司律师表示 X 已遵守巴西最高法院的命令，希望法院能解除封锁。X 封锁了法院指定的账号，缴纳罚款，任命了一名正式代表。巴西最高法院回应称，X 没有提供正确的文件，它给与该公司五天时间去完成。在 X 被封锁期间，巴西用户转向了替代服务，推动了 Bluesky 和 ​​Tumblr 等社交服务用户数的大幅增长。

JSP3/2.0.14

Home趣味软件有时候，过于纠结这个工具有什么用，是没有意义的

记一次攻防演练被某委安全团队拷打全过程 by ourren

微调之外的大模型应用技术 by ourren

从中欧美比较的角度理解我国《人工智能安全治理框架》的特点 by ourren

更多最新文章，请访问SecWiki

A vulnerability, which was classified as critical, has been found in Netart Media Pharmacy System up to 2. This issue affects some unknown processing of the file index.php. The manipulation of the argument ID leads to sql injection. The identification of this vulnerability is CVE-2007-3433. The attack may be initiated remotely. Furthermore, there is an exploit available.

Cloudflare launched on September 27, 2010. This week we celebrate our fourteenth birthday

爸妈开始用，试着记录了几条，都还蛮喜欢的。虽然我还不知道他们是否能长期用，但他们能用上，笑着说挺不错时，我有小小的满足感。

A vulnerability classified as critical was found in code-projects Blood Bank System 1.0. This vulnerability affects unknown code of the file /admin/blood/update/o-.php. The manipulation of the argument bloodname leads to sql injection. This vulnerability was named CVE-2024-9094. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in SourceCodester Profile Registration without Reload Refresh 1.0. This affects an unknown part of the file del.php of the component GET Parameter Handler. The manipulation of the argument list leads to sql injection. This vulnerability is uniquely identified as CVE-2024-9093. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Profile Registration without Reload Refresh 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file add.php of the component Registration Form. The manipulation of the argument full_name leads to cross site scripting. This vulnerability is handled as CVE-2024-9092. The attack may be launched remotely. Furthermore, there is an exploit available. Other parameters might be affected as well.

JSP3/2.0.14

Submit #412254 / VDB-278272

A vulnerability was found in code-projects Student Record System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument regno leads to sql injection. This vulnerability is known as CVE-2024-9091. The attack can be launched remotely. Furthermore, there is an exploit available.

Submit #412210 / VDB-278271

Submit #412159 / VDB-278270

A vulnerability was found in SourceCodester Modern Loan Management System 1.0. It has been classified as critical. Affected is an unknown function of the file search_member.php. The manipulation of the argument searchMember leads to sql injection. This vulnerability is traded as CVE-2024-9090. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in SourceCodester Modern Loan Management System 1.0 and classified as problematic. This issue affects some unknown processing of the file update_loan_record.php. The manipulation of the argument amount leads to cross site scripting. The identification of this vulnerability is CVE-2024-9089. The attack may be initiated remotely. Furthermore, there is an exploit available.