CVE-2022-43278 The Canteen Management System v1.0 had a SQL injection vulnerability in the categoriesId parameter of /php_action/fetchSelectedCategories.php.
An attacker can exploit this to execute arbitrary SQL commands with root privileges. Reportedly, the vendor had fixed the issue in version 1.1.1,
CVE-2022-40797 - How a Simple Upload Bypass in Roxy Fileman 1.4.6 Leads to Remote Code Execution (.phar Upload Exploit)
If you use Roxy Fileman 1.4.6—an open-source web file manager popular among PHP developers for WYSIWYG editors like TinyMCE and CKEditor—there’
CVE-2022-45060 - Exploiting HTTP Request Forgery in Varnish Cache (Zero-Day Details & Code Examples)
CVE-2022-45060 targets a subtle but dangerous HTTP request forgery bug in Varnish Cache, an extremely popular HTTP accelerator used by millions of websites worldwide. This
CVE-2022-41208 An attacker with user privileges can alter a user's session.
To exploit the vulnerability, an attacker must be able to log in to the targeted application with user privileges. The update causes certain parameters of
CVE-2022-27858 CSV Injection vulnerability in Activity Log Team Activity Log <= 2.8.3 on WordPress.
Activity logs are a great way to track activity on your website and help assess performance. Activity logs are also a great way to collect