SQL Injection in Admin Functionality - dolphin.prov7.4.2

Read Time:24 Second

Posted by Andrey Stoykov on Mar 24

# Exploit Title: SQL Injection in Admin Functionality – dolphin.prov7.4.2
# Date: 03/2025
# Exploit Author: Andrey Stoykov
# Version: 7.4.2
# Date: 03/2025
# Tested on: Debian 12
# Blog:
https://msecureltd.blogspot.com/2025/03/friday-fun-pentest-series-21-sql.html

SQL Injection in Admin Functionality:

Steps to Reproduce:

1. Login as admin user and visit the page of “
http://192.168.58.170/dolphinCMS/administration/index.php?cat="
2….

USN-7372-1: Varnish vulnerability

Martin van Kervel Smedshammer discovered that Varnish did not properly sanitize certain HTTP headers. A remote attacker could possibly use...

March 26, 2025

GitHub Actions Supply Chain Attack

What is the Attack?Recently, a popular third-party GitHub Action tj-actions/changed-files GitHub Action (CVE-2025-30066)- used by over 23,000 repositories- was compromised,...

March 26, 2025

suricata-7.0.10-1.el9

FEDORA-EPEL-2025-46a02bfa95 Packages in this update: suricata-7.0.10-1.el9 Update description: This is an extra release to address a critical issue in 7.0.9...

March 25, 2025

suricata-7.0.10-1.el8

FEDORA-EPEL-2025-811cbc0ed6 Packages in this update: suricata-7.0.10-1.el8 Update description: This is an extra release to address a critical issue in 7.0.9...

March 25, 2025

suricata-7.0.10-1.fc41

FEDORA-2025-5fa61dc843 Packages in this update: suricata-7.0.10-1.fc41 Update description: This is an extra release to address a critical issue in 7.0.9...

March 25, 2025

suricata-7.0.10-1.fc40

FEDORA-2025-2a295896e6 Packages in this update: suricata-7.0.10-1.fc40 Update description: This is an extra release to address a critical issue in 7.0.9...

March 25, 2025

New Android Malware Uses .NET MAUI to Evade Detection

Cybercriminals Use Atlantis AIO to Target 140+ Platforms

The AI Fix #43: I, for one, welcome our new robot overlords!

NIST Warns of Significant Limitations in AI/ML Security Mitigations

China-Linked Weaver Ant Hackers Exposed After Four-Year Telco Infiltration

Dark Web Mentions of Malicious AI Tools Spike 200%

Report on Paragon Spyware

IngressNightmare: Four Critical Bugs Found in 40% of Cloud Systems

VanHelsingRaaS Expands Rapidly in Cybercrime Market

SQL Injection in Admin Functionality – dolphin.prov7.4.2

USN-7372-1: Varnish vulnerability

GitHub Actions Supply Chain Attack

suricata-7.0.10-1.el9

suricata-7.0.10-1.el8

suricata-7.0.10-1.fc41

suricata-7.0.10-1.fc40