CVE-2022-43169 - Exploiting Rukovoditel v3.2.1 Users Groups Stored XSS—Step-by-Step Guide
Stored Cross-Site Scripting (XSS) vulnerabilities are among the scariest security bugs for collaborative web platforms. CVE-2022-43169 is a powerful example, discovered in Rukovoditel v3.2.
CVE-2022-3731 A vulnerability has been found in seccome Ehoney and classified as critical. The manipulation of the argument Payload leads to SQL injection.
The vulnerability can be exploited via web requests and is detected by the rule SEH_SQL_INJECTION. A Proof of Concept (PoC) has been provided
CVE-2022-37915 - Critical RCE in Aruba EdgeConnect Enterprise Orchestrator—How an Attacker Can Totally Take Over Your Network
In the ever-growing threat landscape, network management interfaces are prime targets for attackers. If you run Aruba EdgeConnect Enterprise Orchestrator, especially a fresh 9.1.
CVE-2022-43340 - Exploiting CSRF in Dzzoffice 2.02.1_SC_UTF8 to Gain Admin Control
---
Introduction
In late 2022, a critical security flaw was discovered in Dzzoffice version 2.02.1_SC_UTF8. Tracked as CVE-2022-43340, this bug allows
CVE-2022-43364 - How a Simple Flaw in IP-COM EW9 Let Anyone Reset the Admin Password
---
Introduction
In 2022, a critical vulnerability was found in the wireless controller IP-COM EW9, specifically in firmware version V15.11..14(9732). Tracked as