CVE-2022-36657 Librarian Management System v1.0 had an XSS vulnerability via the edit_book_details.php component.
A hacker can exploit this XSS flaw to execute arbitrary script code in the browser of an unsuspecting user. XSS vulnerabilities often lead to the
CVE-2022-36735 The Book Library Management System v1.0 had a SQL injection vulnerability.
A remote attacker could exploit this vulnerability to execute arbitrary SQL commands and retrieve sensitive data.
In addition, this software was discovered to contain a
CVE-2022-36713 Librarian Management System v1.0 had a SQL injection vulnerability via the Section parameter.
A user with knowledge of SQL injection can exploit this to execute arbitrary SQL commands, bypassing the application's validation mechanisms. In a scenario
CVE-2022-37681 An attacker can perform a directory traversal against the /ptippage.cgi endpoint in versions 1.07 and below of ISnex Kokusai ISNex HC-IP9100HD.
A cross-site request forgery (CSRF) vulnerability in the web interface of the device allows attackers to perform an unauthorized login by tricking users into performing
CVE-2022-37059 XSS in the Subrion CMS 4.2.1 login field allows an attacker to inject arbitrary code.
By using this vulnerability an attacker can steal cookie information and execute malicious code on the system of the affected website. In case of XSS