Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution
June 28, 2023, 7:24 a.m. | info@thehackernews.com (The Hacker News)
"These SQL injections happened despite the use of an Object-Relational Mapping (ORM) library and prepared statements," SonarSource researcher Thomas Chauchefoin said, adding they could result in RCE on Soko because of a "misconfiguration of the database."