CVE-2022-42745 Exploiting XXE in CandidATS 3.. to Read Arbitrary Files
CandidATS, an open source Applicant Tracking System, is widely used by organizations to manage the recruitment process. Recently, a security vulnerability, CVE-2022-42745, has been discovered
CVE-2022-43353 The system was found to have a SQL injection vulnerability. The id parameter was vulnerable.
Reportedly, if an attacker sends a request with an arbitrary id value, they can execute SQL commands to get administrator privileges. With this flaw, an
CVE-2022-31678 - XXE Vulnerability in VMware Cloud Foundation (NSX-V): Exploit Details, Code Snippets, and Resources
The latest security advisory released by VMware outlines a critical XML External Entity (XXE) vulnerability in VMware Cloud Foundation (VCF) instances running NSX-V. This vulnerability
CVE-2021-46849: XXE Vulnerability Found in pikepdf before 2.10. - Affecting PDF XMP Metadata Parsing
A security vulnerability has been discovered in pikepdf, a powerful and robust Python library, which allows users to read and write PDF files. This recently
CVE-2022-43028 Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 has a stack overflow via the timeZone parameter.
This issue was reported to have been fixed in version 16.03.11.10. Tenda US versions are vulnerable to XXE attacks. Remote attackers can