CVE-2022-3452 An issue was found in SourceCodester Book Store Management System 1.0. The file /category.php is affected.
It was discovered that the server is vulnerable to a SQL injection. The variable $category_name is accessible by anyone. An attacker can exploit this
CVE-2022-3442 Crealogix EBICS 7.0 has a vulnerability that leads to cross site scripting.
It is worth noting that this issue was discovered by security researchers of TippingPoint. It has been classified as critical. The discovery was made public.
CVE-2022-40825 B.C
An attacker can inject own SQL query to obtain sensitive information like database login credentials, etc. In the sample attack shown below, we can see
CVE-2022-39279 discourse-chat is a plugin for the Discourse message board which adds chat functionality
Chat is a very important part of a community. Some of the features chat provides include: Quick communication between users
Direct access to support staff
CVE-2022-32173 In v1.2.2 of Orchard Core, an authenticated user with an editor security role can inject a modal dialog component into the dashboard that will affect admin users.
This can be used to issue admin-level warnings or even perform actions as a logged in user. To exploit this issue, an attacker must
Episode
00:00:00
00:00:00