CVE-2022-38616 The SmartVista SVFE2 v2.2.22 had a SQL injection vulnerability in the UserForm:j_id90 parameter.
A successful exploitation could lead to access to critical program functions and possibly system takeover. In addition to the SQL injection issue discovered, SmartVista SVFE2
CVE-2022-38292 The SLiMS Senayan Library Management System v9.4.2 was found to be vulnerable to Server-Side Request Forgery.
An attacker can trick the user into giving him remote system access via the PHP components. In Senayan Library Management System, it is possible to
CVE-2022-40323 SysAid Help Desk before 22.1.65 allows XSS in the Password Services module, aka FR# 67241.
This was addressed in 22.1.66.13 and later. Cisco WebEx Teams does not support the use of XSS in any of its components.
CVE-2022-35725 Stored XSS vulnerability in the wp-forecast plugin = 7.5 at WordPress.
This XSS vulnerabitity was fixed in version 8.1.2. To patch this issue, update to the latest version. To patch this issue, update to
CVE-2022-38144 The gVectors Team wpForo Forum plugin has a CSRF vulnerability.
In short, it happens when a user submits a request to an unintended target. This unauthorized request can be made by clicking on an unexpected
Episode
00:00:00
00:00:00