CVE-2022-40777 Interspire Email Marketer through 6.5.0 allows upload of arbitrary PHP files via a survey_submit.php operation, which can be accessed via /admin/temp/surveys/.
A remote attacker could leverage this vulnerability to upload arbitrary files and obtain access to the Interspire Email Marketer installation via directory traversal. Additionally, a
CVE-2022-38045 Server Service Remote Protocol Elevation of Privilege Vulnerability.
In this blog, we are going to explain how to exploit the CVE-2019-0554 server service remote protocol elevation of privilege vulnerability, in order to gain
CVE-2022-3452 An issue was found in SourceCodester Book Store Management System 1.0. The file /category.php is affected.
It was discovered that the server is vulnerable to a SQL injection. The variable $category_name is accessible by anyone. An attacker can exploit this
CVE-2022-3442 Crealogix EBICS 7.0 has a vulnerability that leads to cross-site scripting.
It is worth noting that this issue was discovered by security researchers of TippingPoint. It has been classified as critical. The discovery was made public.
CVE-2022-40825 B.C
An attacker can inject their own SQL query to obtain sensitive information like database login credentials, etc. In the sample attack shown below, we can see