CVE-2022-40895 An unauthenticated, remote attacker could exploit a vulnerability in NeDi products to affect the integrity of a device.
However, this issue has already been fixed in version 1.0.8 of NeDi. This issue has been assigned the CVE-2018-14632 rating. However, some NeDi
CVE-2022-39273 FlyteAdmin is the control plane for the data processing platform Flyte. Users who enable Flyte's default authorization server are exposed to the public internet.
Users who have changed the ExternalAuthorizationServer setting in the config or have overridden it in their FlyteAdmin’s settings will not be vulnerable to
CVE-2022-35156 The Bus Pass Management System 1.0 had a SQL Injection vulnerability via the searchdata parameter.
A user with access to this parameter could exploit this vulnerability to obtain sensitive information about the system, such as the name of a person
CVE-2021-36855 An XSS vulnerability in the Booking Ultra Pro plugin = 1.1.4 for WordPress that is caused by CSRF.
The PoC exploit code is: injecting XSS via CSRF. A reflected XSS via CSRF vulnerability can lead to serious security vulnerabilities in WordPress. The WordPress
CVE-2022-31629 An older PHP version can set a cookie for later use which is treated as a '__Host-' or '__Secure-' cookie.
This can be exploited by malicious or compromised websites to facilitate a cross-site request forgery (CSRF) attack to take control of the affected website.
In