CVE-2021-29823 IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
On March 12th, 2018, IBM released security patches for IBM Cognos Analytics 11.1.7, 11.2.0, 11.2.1, and 11.2.2.
CVE-2022-36583 DedeCMS V5.7.97 has XSS vulnerabilities at /dede/co_do.php via dopost, rpok, and aid parameters.
A remote attacker could leverage these issues to execute arbitrary code in the context of the affected website.
An unauthenticated user could also access and
CVE-2022-36674 A SQL injection was found in Task Scheduling System v1.0's id parameter.
A hacker can inject arbitrary SQL code through the id parameter that may delete, insert, update, or retrieve data. If you
CVE-2022-36676 A SQL injection was found in the id parameter of Task Scheduling System v1.0.
This flaw could be exploited by injecting malicious code into the database or via cross-site request forgery (CSRF) if users’ input was hijacked. The id
CVE-2022-36733 The v1.0 version of The Library Management System contained a SQL injection vulnerability.
An attacker can leverage this vector to inject arbitrary SQL commands into the application or retrieve existing data. Successfully exploiting this issue can result in