Vulnerabilities

CVE-2021-38706

September 12, 2021

messages_load.php in ClinicCases 7.3.3 suffers from a blind SQL injection vulnerability, which allows low-privileged attackers to execute arbitrary SQL commands through a vulnerable parameter.

Summary:

messages_load.php in ClinicCases 7.3.3 suffers from a blind SQL injection vulnerability, which allows low-privileged attackers to execute arbitrary SQL commands through a vulnerable parameter.

Reference Links(if available):

https://cliniccases.com

https://github.com/judsonmitchell/ClinicCases/releases

CVSS Score (if available)

v2: / MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P

v3: / HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Links to Exploits(if available)

Tags: CVE, CVE-2021-38706, MISC, Vendor Advisory, vulnerability

CVE-2021-38706

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

Cyber Assessment Framework 3.2

Palo Alto Products Remote Code Execution Vulnerability

Le Slip Français – 1,495,127 breached accounts

CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

Summary:

Reference Links(if available):

CVSS Score (if available)

Links to Exploits(if available)

You may have missed

Cyber Assessment Framework 3.2

Palo Alto Products Remote Code Execution Vulnerability

Le Slip Français – 1,495,127 breached accounts

CISA: Juniper Releases Security Bulletin for Multiple Juniper Products

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog