CVE-2022-42250 The Cold Storage Management System v1.0 is vulnerable to SQL injection.
An attacker can send a special SQL query to obtain sensitive information such as users’ names, email addresses, or other information.
The application does not
CVE-2022-42249 The Cold Storage Management System v1.0 is vulnerable to SQL injection. /csms/admin/storages/view_storage.php?id=
An attacker can inject malicious script code via the value of the storage_id parameter to execute arbitrary SQL commands. In addition, the /csms/admin/
CVE-2022-39273 The control plane for the data processing platform Flyte is FlyteAdmin. Users who enable Flyte's default authorization server are exposed to the public internet.
Users who have changed the ExternalAuthorizationServer setting in the config or have overridden it in their Flyte Admin’s settings will not be vulnerable to
CVE-2022-40895 An unauthenticated, remote attacker could exploit a vulnerability in NeDi products to affect the integrity of a device.
However, this issue has already been fixed in version 1.0.8 of NeDi. This issue has been assigned the CVE-2018-14632 rating. However, some NeDi
CVE-2022-2986 Enabling and disabling installed H5P libraries failed to protect from CSRF risk.
As a result, it was possible to trick a vulnerable website into installing a malicious H5P library. Malicious actors could craft a CSRF attack that