CVE-2020-15338 The Zyxel CloudCNM SecuManager has a "Use of GET Request Method With Sensitive Query Strings" issue. This issue may be exploited by attackers to access sensitive information.
In these cases, the server may return a different response code than expected. This issue occurs when the GET request method is used with a
CVE-2022-37346 The Product Image Bulk Upload Plugin has an insufficient verification vulnerability when uploading files.
There is currently no known exploit for this issue. However, we recommend updating to version 4.1.0 or higher as soon as possible. Vulnerable
CVE-2022-40354 The v1.0 of the Tours & Travels Management System was found to have a SQL injection vulnerability.
An attacker can inject malicious code to run arbitrary SQL commands. This vulnerability can be exploited by hackers to compromise the system, obtain sensitive information
CVE-2022-21797 The joblib package before 1.2.0 is vulnerable to Arbitrary Code Execution via the pre_dispatch flag in the Parallel() class.
A user with the 'package joblib' privilege can execute arbitrary code with this flag.
Additionally, package joblib before 1.2.0 is vulnerable
CVE-2022-23463 Nepxion Discovery is a solution for Spring Cloud that is vulnerable to SpEL Injection.
This issue was publicly disclosed on September 18, 2018 and was rated as high risk. Nepxion Discovery is a framework for distributed data analytics based
Episode
00:00:00
00:00:00