CVE-2022-38292 The SLiMS Senayan Library Management System v9.4.2 was found to be vulnerable to Server-Side Request Forgery.
An attacker can trick the user into giving him remote system access via the PHP components. In Senayan Library Management System, it is possible to
CVE-2022-36257 An SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands.
The vulnerability is due to insufficient validation of user input in the UserDAO method. An attacker can inject malicious code/data into the website and
CVE-2022-39135 Exists Node, Extract XML, XML Transform, and Extract Value don't have protections against XXE, which could lead to XXE attacks.
To fix this vulnerability, we strongly recommend users upgrade to Apache Calcite 1.32.0 or a newer version. In case you are currently using
CVE-2022-34165 IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 are vulnerable to HTTP header injection, due to improper validation.
In an enterprise setting, where tight firewall rules allow access to the Internet, an attacker could exploit these weaknesses by sending a malicious request to
CVE-2022-38258 D-Link DIR 819 v1.06 has an LFI that can cause DoS or access sensitive server info.
An attacker can exploit this vulnerability by sending a malicious request to the targeted server. An attacker can then send this malicious request to the