CVE-2022-36609 The patient management system v1.0 had a SQL injection vulnerability via the id parameter.
An attacker can exploit the SQL injection flaw to execute arbitrary SQL commands with the privileges of the system user. In addition to the SQL
CVE-2021-29823 IBM Cognos Analytics 11.1.7, 11.2.0, and 11.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
On March 12th, 2018, IBM released security patches for IBM Cognos Analytics 11.1.7, 11.2.0, 11.2.1, and 11.2.2
CVE-2022-36583 DedeCMS V5.7.97 has XSS vulnerabilities at /dede/co_do.php via dopost, rpok, and aid parameters.
A remote attacker could leverage these issues to execute arbitrary code in the context of the affected website.
An unauthenticated user could also access and
CVE-2022-36674 A SQL injection was found in Task Scheduling System v1.0's id parameter.
A hacker can inject arbitrary SQL code into the id parameter that may delete, insert, update, or retrieve data. If you
CVE-2022-36676 A SQL injection was found in the id parameter of Task Scheduling System v1.0.
This flaw could be exploited by injecting malicious code into the database or via cross-site request forgery (CSRF) if users’ input was hijacked. The