home.social

#sqli — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #sqli, aggregated by home.social.

  1. #Wordpress: Critical Remote Code Execution (#RCE) chain of vulnerabilities CVE-2026-63030 and #SQLi SQL Injection CVE-2026-60137 dubbed #wp2shell in WordPress Core threaten 500+ million of websites.
    Patch now!:
    👇
    thehackernews.com/2026/07/new-

  2. #Wordpress: Critical Remote Code Execution (#RCE) chain of vulnerabilities CVE-2026-63030 and #SQLi SQL Injection CVE-2026-60137 dubbed #wp2shell in WordPress Core threaten 500+ million of websites.
    Patch now!:
    👇
    thehackernews.com/2026/07/new-

  3. Die SQLI Deutschland GmbH aus Dortmund spendete rund 40 Laptops, die das Unternehmen nicht mehr verwendet.
    Das Foto zeigt v.l.n.r. Lynn Haustov, Annika Ekici, Armin Cibulski (Labdoo Hub Iserlohn), Christian Schacht (GF) und Patrick Heinrich (IT), alle von SQLI.
    Vielen Dank für eure IT-Spende platform.labdoo.org/de/content (weitere Laptops folgen noch).
    #labdoo #sqli #dortmund #phoenixsee #laptop #spende #danke

  4. Die SQLI Deutschland GmbH aus Dortmund spendete rund 40 Laptops, die das Unternehmen nicht mehr verwendet.
    Das Foto zeigt v.l.n.r. Lynn Haustov, Annika Ekici, Armin Cibulski (Labdoo Hub Iserlohn), Christian Schacht (GF) und Patrick Heinrich (IT), alle von SQLI.
    Vielen Dank für eure IT-Spende platform.labdoo.org/de/content (weitere Laptops folgen noch).
    #labdoo #sqli #dortmund #phoenixsee #laptop #spende #danke

  5. Found a great #opensource tool to scan sites for a laundry list of vulnerabilities github.com/h4r5h1t/webcopilot.

    Just used it to scan all my company domains, works great!

    The tools integrated into this single app are the same tools "security researchers" use to scan sites for #xss #SQLi #ssrf #crlf #lfi #subdomaintakeover #openredirect, etc. vulnerabilities - into a single CLI tool.

    Can also help avoid/confirm those "beg-bounty" situations where a simple misconfiguration is touted as a "critical vulnerability" because someone use a quick scanning tool to determine that sub-domain take-over is possible (very common, not critical, easy to fix), or missing DMARC records are present (which 98% of all Internet sites have issues with, and is very easy to fix) to demand a cash reward so they can "share additional critical vulnerabilities" that aren't a thing - they just want money.

    Have fun!

  6. Found a great #opensource tool to scan sites for a laundry list of vulnerabilities github.com/h4r5h1t/webcopilot.

    Just used it to scan all my company domains, works great!

    The tools integrated into this single app are the same tools "security researchers" use to scan sites for #xss #SQLi #ssrf #crlf #lfi #subdomaintakeover #openredirect, etc. vulnerabilities - into a single CLI tool.

    Can also help avoid/confirm those "beg-bounty" situations where a simple misconfiguration is touted as a "critical vulnerability" because someone use a quick scanning tool to determine that sub-domain take-over is possible (very common, not critical, easy to fix), or missing DMARC records are present (which 98% of all Internet sites have issues with, and is very easy to fix) to demand a cash reward so they can "share additional critical vulnerabilities" that aren't a thing - they just want money.

    Have fun!