Safari - CVE CyberSecurity Database News (Page 21)

Oct 13, 2022 WiFi Safari

CVE-2022-41480 Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 has a buffer overflow in the 0x475dc function.

To exploit this vulnerability, an attacker would send a specially crafted HTTP request to the targeted Tenda WiFi device. An example of such a request

Oct 11, 2022 Safari SQL Chrome

CVE-2022-40777 Interspire Email Marketer through 6.5.0 allows upload of arbitrary php files via a survey_submit.php operation, which can be accessed via /admin/temp/surveys/.

A remote attacker could leverage this vulnerability to upload arbitrary files and obtain access to the Interspire Email Marketer installation via directory traversal. Additionally, a

Oct 11, 2022 Safari SQL Google Chrome

CVE-2022-3452 An issue was found in SourceCodester Book Store Management System 1.0. The file /category.php is affected.

It was discovered that the server is vulnerable to a SQL injection. The variable $category_name is accessible by anyone. An attacker can exploit this

Oct 7, 2022 Windows Safari SQL Chrome

CVE-2022-40825 B.C

An attacker can inject own SQL query to obtain sensitive information like database login credentials, etc. In the sample attack shown below, we can see

Oct 3, 2022 Safari SQL Chrome

CVE-2022-32173 In v1.2.2 of Orchard Core, an authenticated user with an editor security role can inject a modal dialog component into the dashboard that will affect admin users.

This can be used to issue admin-level warnings or even perform actions as a logged in user. To exploit this issue, an attacker must trick