CVE-2022-45129 Payara before 2022-11-04 allows attackers to visit META-INF and WEB-INF, a different vulnerability than CVE-2022-37422.
When deployed to a sub-context, it allows attackers to bypass intended access restrictions via request parameters. This affects Payara Platform Community before 4.1.2.
CVE-2022-37967 Windows Kerberos Elevation of Privilege Vulnerability.
Mozilla discovered a critical flaw in the old version of Firefox which made it possible for hackers to hijack a user's session and
CVE-2021-34579 FL MGUARD DM on Microsoft Windows doesn't require login credentials if it's configured during installation. Attackers can access the Apache web server.
For this reason, Apache by default does not allow access to its configuration files by any host other than the server that created them. Apache
CVE-2022-43278 The Canteen Management System v1.0 had a SQL injection vulnerability in the categoriesId parameter of /php_action/fetchSelectedCategories.php.
An attacker can exploit this to execute arbitrary SQL commands with root privileges. Reportedly, the vendor had fixed the issue in version 1.1.1,
CVE-2022-40797 - How a Simple Upload Bypass in Roxy Fileman 1.4.6 Leads to Remote Code Execution (.phar Upload Exploit)
If you use Roxy Fileman 1.4.6—an open-source web file manager popular among PHP developers for WYSIWYG editors like TinyMCE and CKEditor—there’