The Latest in IT Security

Latest MOVEit Bug Is Another Critical SQL Injection Flaw

07
Jul
2023
Latest MOVEit Bug Is Another Critical SQL Injection Flaw

image credit: adobe stock

For the third time since the discovery of the MOVEit Transfer application zero-day vulnerability, Progress Software has revealed a new critical SQL injection vulnerability affecting its managed file transfer web application. The company also revealed two high-severity bugs.

Critical Bug – CVE-2023-36934

The critically rated bug, tracked as CVE-2023-36934, has a CVSS score of 9.8. It allows remote attackers to bypass authentication on affected systems and execute arbitrary code, said Progress Software in a security advisory.

Related posts:
  1. Flaws in Avast, AVG Antiviruses Could Have Facilitated Attacks on Millions of Devices
  2. Feds Warn of Rise in Attacks Involving Veeam Software Flaw
  3. WordPress force installs update on 5 million sites following security worry
  4. Google Patches 8 Vulnerabilities in Chrome 77
  5. Firefox 102 Patches 19 Vulnerabilities, Improves Privacy

Read More

Tags:  
Written by Databreachtoday
0 Comments
Comments are closed.

Categories

FRIDAY, MAY 10, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments