CVE-2022-42999 D-Link DIR-816 A2 1.10 B05 had multiple command injection vulnerabilities via the admuser and admpass parameters.
D-Link DIR-816 A2 1.10 B05 was found to be vulnerable to cross-site request forgery (CSRF) flaws due to the lack of a properly implemented
CVE-2022-2762 - AdminPad WordPress Plugin Prior to 2.2 Vulnerable to CSRF Attacks
In this post, we're diving deep into CVE-2022-2762, a security vulnerability affecting the popular AdminPad WordPress plugin prior to version 2.2. The
CVE-2022-3097 - How a Missing Nonce in the LBStopAttack Plugin Let Attackers Bypass Security
WordPress plugins bring tons of features to websites, but plugins with weak security can put your whole site at risk. In this post, we’ll
CVE-2022-39314 Kirby is a flat-file CMS that is vulnerable to user enumeration due to improper authentication attempts.
If you are using the `code` or `password-reset` auth method, you can work around this vulnerability by using the `auth.methods` option to set it
CVE-2022-42205 Hospital Management System in PHP 4.0 is vulnerable to XSS via add-patient.php
Exploitation of this vulnerability requires no authentication, thus it might be a low-severity issue, but it is still important to be aware of it.