CVE-2022-36713 Librarian Management System v1.0 had a SQL injection vulnerability via the Section parameter.
A user with knowledge of SQL injection can exploit this to execute arbitrary SQL commands, bypassing the application's validation mechanisms. In a scenario
CVE-2022-37681 An attacker can perform a directory traversal on the endpoint /ptippage.cgi with versions 1.07 and below of ISnex Kokusai ISNex HC-IP9100HD.
A cross-site request forgery (CSRF) vulnerability in the web interface of the device allows attackers to perform an unauthorized login by tricking users into performing
CVE-2022-37059 XSS in the Subrion CMS 4.2.1 login field allows an attacker to inject arbitrary code.
By using this vulnerability an attacker can steal cookie information and execute malicious code on the system of the affected website. In case of XSS
CVE-2022-36194 An attacker could leverage the XSS in the Pollers > Broker Configuration function of Actron Encentreon 22.04.0 to inject malicious code.
By manipulating the name parameter, an attacker can inject malicious code into the application’s code, which can lead to session hijacking and other forms
CVE-2022-36720 The v1.0 Library Management System was found to have a SQL injection vulnerability.
An attacker can leverage this vulnerability to execute arbitrary SQL commands against the affected system. An attacker exploiting this vulnerability can install applications, view data,