Blind SQL Injection - dolphinv7.4.2.

Read Time:23 Second

Posted by Andrey Stoykov on Aug 04

# Exploit Title: Blind SQL Injection – dolphinv7.4.2.
# Date: 8/2024
# Exploit Author: Andrey Stoykov
# Version: 7.4.2
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/07/friday-fun-pentest-series-8-dolphinv742.html

SQL Injection:

Steps to Reproduce:

1. Navigate to “Builders” menu
2. The HTTP GET parameter of “?cat=builders” is displayed in the URL bar
3. That is the injection point

sqlmap -r…

corosync-3.1.9-2.fc40

FEDORA-2025-0bafd025de Packages in this update: corosync-3.1.9-2.fc40 Update description: Security fix for CVE-2025-30472 Read More

March 26, 2025

varnish-7.5.0-3.fc41

FEDORA-2025-4453f596a8 Packages in this update: varnish-7.5.0-3.fc41 Update description: Security: This update includes fix for VSV00015 aka CVE-2025-30346. Upstream considers this...

March 26, 2025

corosync-3.1.9-2.fc41

FEDORA-2025-c55f39aeb3 Packages in this update: corosync-3.1.9-2.fc41 Update description: Security fix for CVE-2025-30472 Read More

March 26, 2025

corosync-3.1.9-3.fc42

FEDORA-2025-a350309ddb Packages in this update: corosync-3.1.9-3.fc42 Update description: Security fix for CVE-2025-30472 Read More

March 26, 2025

USN-7372-1: Varnish vulnerability

Martin van Kervel Smedshammer discovered that Varnish did not properly sanitize certain HTTP headers. A remote attacker could possibly use...

March 26, 2025

GitHub Actions Supply Chain Attack

What is the Attack?Recently, a popular third-party GitHub Action tj-actions/changed-files GitHub Action (CVE-2025-30066)- used by over 23,000 repositories- was compromised,...

March 26, 2025

ETSI Publishes New Quantum-Safe Encryption Standards

AI Data Poisoning

ENISA Probes Space Threat Landscape in New Report

UK Government’s New Fraud Strategy to Focus on Tech-Enabled Threats

New Android Malware Uses .NET MAUI to Evade Detection

Cybercriminals Use Atlantis AIO to Target 140+ Platforms

The AI Fix #43: I, for one, welcome our new robot overlords!

NIST Warns of Significant Limitations in AI/ML Security Mitigations

China-Linked Weaver Ant Hackers Exposed After Four-Year Telco Infiltration

Blind SQL Injection – dolphinv7.4.2.

corosync-3.1.9-2.fc40

varnish-7.5.0-3.fc41

corosync-3.1.9-2.fc41

corosync-3.1.9-3.fc42

USN-7372-1: Varnish vulnerability

GitHub Actions Supply Chain Attack