CVE-2022-40295 - Authenticated Information Disclosure in the Web Application: Admins Exposed to Unsalted User Passwords
Web applications have become an integral part of our daily lives, providing us with essential services and information. However, the security of these applications must
CVE-2022-43230: Simple Cold Storage Management System v1. SQL Injection Vulnerability Discovered
A SQL Injection vulnerability has been identified in Simple Cold Storage Management System version 1. that may allow an attacker to view, modify or delete
CVE-2022-41480 Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 has a buffer overflow in the 0x475dc function.
To exploit this vulnerability, an attacker would send a specially crafted HTTP request to the targeted Tenda WiFi device. An example of such a request
CVE-2022-40777 Interspire Email Marketer through 6.5.0 allows upload of arbitrary PHP files via a survey_submit.php operation, which can be accessed via /admin/temp/surveys/.
A remote attacker could leverage this vulnerability to upload arbitrary files and obtain access to the Interspire Email Marketer installation via directory traversal. Additionally, a
CVE-2022-3452 An issue was found in SourceCodester Book Store Management System 1.0. The file /category.php is affected.
It was discovered that the server is vulnerable to a SQL injection. The variable $category_name is accessible by anyone. An attacker can exploit this