CVE-2022-40179 Desigo PXM30-1, PXM30.E, PXM40-1, PXM40.E, PXM50-1 have multiple vulnerabilities.
This can lead to the disclosure of sensitive information such as a user’s personal data, or the takeover of the device with elevated privileges.
CVE-2022-40178 Desigo PXM30-1, PXM30.E, PXM40-1, PXM40.E, PXM50-1 have multiple vulnerabilities.
A remote low-privilege attacker can exploit this vulnerability to perform cross-site request forgery (CSRF) attacks. A local low-privilege attacker can exploit this vulnerability to obtain
CVE-2022-3154 The Woo Billingo Plus and Integration for Billingo & Gravity Forms WordPress plugins before 4.4.5.4 and 1.0.4, respectively, lack CSRF checks in some AJAX actions.
or purchase add-ons. In addition, the plugin does not offer any protection against CSRF on its Contact Form. The only way to fix this issue
CVE-2022-3220 The Advanced Comment Form WordPress plugin before 1.2.1 has unsafe settings that allow high privilege users to do CSRF attacks.
After the upgrade, any site with an infected comment form will be vulnerable to CSRF attacks. It’s recommended to update your site immediately to
CVE-2022-36635 The ZKBioSecurity V5000 4.1.3 had a SQL injection vulnerability in /baseOpLog.do.
An attacker can leverage this vulnerability to inject SQL commands into the database or obtain sensitive information by viewing the database.
ZKteco ZKBioSecurity V5000 4.
Episode
00:00:00
00:00:00