CyberSecurityBoard
Sponsor Register Login

CVE-2025-0564

A vulnerability was found in code-projects Fantasy-Cricket 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /authenticate.php. The manipulation of the argument uname leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

This Cyber News was published on www.tenable.com. Publication date: Sun, 19 Jan 2025 17:01:02 +0000


Cyber News related to CVE-2025-0564

Microsoft releases first Windows Server 2025 preview build - Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. This build is the first pushed for the next Windows Server Long-Term Servicing Channel Preview, which ...
11 months ago Bleepingcomputer.com
CVE-2025-0564 - A vulnerability was found in code-projects Fantasy-Cricket 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /authenticate.php. The manipulation of the argument uname leads to sql injection. ...
15 hours ago Tenable.com
CVE-2019-0564 - A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0548. ...
6 years ago
CVE-2019-0548 - A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka "ASP.NET Core Denial of Service Vulnerability." This affects ASP.NET Core 2.2, ASP.NET Core 2.1. This CVE ID is unique from CVE-2019-0564. ...
6 years ago
CVE-2014-0564 - Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow ...
3 years ago
CVE-2014-0558 - Adobe Flash Player before 13.0.0.250 and 14.x and 15.x before 15.0.0.189 on Windows and OS X and before 11.2.202.411 on Linux, Adobe AIR before 15.0.0.293, Adobe AIR SDK before 15.0.0.302, and Adobe AIR SDK & Compiler before 15.0.0.302 allow ...
8 years ago
CVE-2016-0561 - Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different ...
7 years ago
CVE-2016-0564 - Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different ...
7 years ago
CVE-2009-0133 - Buffer overflow in Microsoft HTML Help Workshop 4.74 and earlier allows context-dependent attackers to execute arbitrary code via a .hhp file with a long "Index file" field, possibly a related issue to CVE-2006-0564. ...
7 years ago
CVE-2008-0564 - Multiple cross-site scripting (XSS) vulnerabilities in Mailman before 2.1.10b1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors related to (1) editing templates and (2) the list's "info attribute" in ...
6 years ago
CVE-2000-0564 - The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter. ...
16 years ago
CVE-2007-0564 - The license registering interface in Symantec Web Security (SWS) before 3.0.1.85 allows attackers to cause a denial of service (CPU consumption) by submitting a large file. This vulnerablity is addressed in the following product release: ...
13 years ago
CVE-2002-0564 - PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to bypass authentication for a Database Access Descriptor (DAD) by modifying the URL to reference an alternate DAD that already has valid credentials. ...
8 years ago
CVE-2004-0564 - Roaring Penguin pppoe (rp-ppoe), if installed or configured to run setuid root contrary to its design, allows local users to overwrite arbitrary files. NOTE: the developer has publicly disputed the claim that this is a vulnerability because pppoe ...
7 years ago
CVE-2006-0564 - Stack-based buffer overflow in Microsoft HTML Help Workshop 4.74.8702.0, and possibly earlier versions, and as included in the Microsoft HTML Help 1.4 SDK, allows context-dependent attackers to execute arbitrary code via a .hhp file with a long ...
7 years ago
CVE-2010-0564 - Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 8.0 before SP1 Patch 5 - Build 3510, possibly tmufeng.dll before 3.0.0.1029, allows attackers to cause a denial of service (crash or OfficeScan hang) via unspecified vectors. ...
7 years ago
CVE-2001-0564 - APC Web/SNMP Management Card prior to Firmware 310 only supports one telnet connection, which allows a remote attacker to create a denial of service via repeated failed logon attempts which temporarily locks the card. ...
7 years ago
CVE-2003-0564 - Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message ...
7 years ago
CVE-2012-0564 - Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.50 and 8.51 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Query. ...
7 years ago
CVE-2018-0564 - Session fixation vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE 3.0.1, EC-CUBE 3.0.2, EC-CUBE 3.0.3, EC-CUBE 3..4, EC-CUBE 3.0.5, EC-CUBE 3.0.6, EC-CUBE 3.0.7, EC-CUBE 3.0.8, EC-CUBE 3.0.9, EC-CUBE 3.0.10, EC-CUBE 3.0.11, EC-CUBE 3.0.12, EC-CUBE ...
6 years ago
CVE-2005-0564 - Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and Microsoft Works Suites 2000 through 2004, might allow remote attackers to execute arbitrary code via a .doc file with long font information. ...
6 years ago
CVE-2011-0564 - Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows use weak permissions for unspecified files, which allows attackers to gain privileges via unknown vectors. ...
6 years ago
CVE-2017-0564 - An elevation of privilege vulnerability in the kernel ION subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent ...
5 years ago
CVE-2015-0564 - Buffer underflow in the ssl_decrypt_record function in epan/dissectors/packet-ssl-utils.c in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allows remote attackers to cause a denial of service (application crash) via a crafted packet that ...
5 years ago
CVE-2020-0564 - Improper permissions in the installer for Intel(R) RWC3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access. ...
4 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)