Safari - CVE CyberSecurity Database News (Page 21)

Oct 11, 2022 Safari SQL Chrome

CVE-2022-40777 Interspire Email Marketer through 6.5.0 allows upload of arbitrary php files via a survey_submit.php operation, which can be accessed via /admin/temp/surveys/.

A remote attacker could leverage this vulnerability to upload arbitrary files and obtain access to the Interspire Email Marketer installation via directory traversal. Additionally, a

Oct 11, 2022 Safari SQL Google Chrome

CVE-2022-3452 An issue was found in SourceCodester Book Store Management System 1.0. The file /category.php is affected.

It was discovered that the server is vulnerable to a SQL injection. The variable $category_name is accessible by anyone. An attacker can exploit this

Oct 7, 2022 Windows Safari SQL Chrome

CVE-2022-40825 B.C

An attacker can inject own SQL query to obtain sensitive information like database login credentials, etc. In the sample attack shown below, we can see

Oct 3, 2022 Safari SQL Chrome

CVE-2022-32173 In v1.2.2 of Orchard Core, an authenticated user with an editor security role can inject a modal dialog component into the dashboard that will affect admin users.

This can be used to issue admin-level warnings or even perform actions as a logged in user. To exploit this issue, an attacker must trick

Sep 23, 2022 Windows Mac Safari iOS

CVE-2022-22629 A buffer overflow was fixed in Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3, iOS 15.4, and iPadOS 15.4.

This issue is fixed in macOS Mojave 10.14.5, Safari 12.5, watchOS 5.2, iTunes 12.12.2 for Windows, iOS 15.3,