A SQL injection in a cookie consent parameter at a major automotive company led to full PII leaks and potential RCE. Highlights the need for strict input validation and secure coding practices. #SQLInjection #DataLeak #Japan #CyberAttacks https://www.hendryadrian.com/from-cookie-consent-to-command-execution-a-real-world-sqli-full-pii-leak-to-rce-on-a-careers/
From Cookie Consent to Command Execution A Real-World SQLi + Full PII Leak to RCE on a Careers,…

This article details how a SQL injection vulnerability was discovered in a cookie consent parameter on a major automobile company's career portal, leading to severe security breaches. It highlights the importance of validating frontend parameters and implementing secure coding practices to prevent such critical exploits. #SQLInjection #BugBounty

Cybersecurity News Everyday
🔴 CVE-2025-53937: CRITICAL SQL Injection in WeGIA (<3.4.5). Exploitable via 'cargo' in /controle/control.php—unauthenticated attackers can compromise DBs. Upgrade to 3.4.5+ ASAP! https://radar.offseq.com/threat/cve-2025-53937-cwe-89-improper-neutralization-of-s-329628cf #OffSeq #SQLInjection #InfoSec #WeGIA

Fortinet FortiWeb Fabric Connector and vulnerabilities from the '90s

We don't know exactly what value was showing on the counter of days since the last critical vulnerability in Fortinet products, but here in the newsroom we get the impression that the gentlemen at WatchTowr keep a sign with the digit "0" at the ready. This time the legendary SinSinology presented a patched, critical n-day in the FortiWeb Fabric Connector product, a bug of the class...

#WBiegu #FabricConnector #Fortinet #Podatność #Rce #SQLInjection #Websec

https://sekurak.pl/fortinet-fortiweb-fabric-connector-i-podatnosci-z-lat-90/

Sekurak

Goblin mode:

When signing up for an account at a new website, set your initial password to “; DROP TABLE CUSTOMERS; COMMIT; —”

#sql #database #sqlinjection

Fortinet patches critical SQL injection flaw in FortiWeb, urging immediate update to prevent arbitrary command execution. #Fortinet #Cybersecurity #SQLInjection

More details: https://thehackernews.com/2025/07/fortinet-releases-patch-for-critical.html - https://www.flagthis.com/news/17606
10 Steps to Protect Your #VPS Against SQL Injection
This article provides a guide discussing how to protect your VPS against SQL injection.
What is SQL Injection?
SQL Injection is a type of cyber attack where an attacker inserts or “injects” malicious SQL code into a query through input fields, URLs, or other data entry points. If the application doesn't properly validate or sanitize the input, the ...
Continued 👉 https://blog.radwebhosting.com/how-to-protect-your-vps-against-sql-injection/?utm_source=mastodon&utm_medium=social&utm_campaign=mastodon.raddemo.host #mariadb #postgresql #vpsguide #sqlinjection
10 Steps To Protect Your VPS Against SQL Injection - VPS Hosting Blog | Dedicated Servers | Reseller Hosting

Here’s a detailed guide on how to protect your VPS against SQL Injection attacks.

RadWeb, LLC
Ah, the timeless art of SQL injection: the #hacking equivalent of finding a skeleton key 🔑 and being surprised that it opens doors. Who would've thought that a #spyware service advertising itself as #stalkerware might have security flaws? 🙄 It's like breaking into an unlocked bicycle shop and being proud of "hacking" a kid's tricycle. 🚲🔓
https://ericdaigle.ca/posts/taking-over-60k-spyware-user-accounts/ #SQLinjection #cybersecurity #HackerNews #ngated
Taking over 60k spyware user accounts with SQL injection

Serverless means it's secure, right?

Eric Daigle