CVE-2022-36733 The v1.0 version of The Library Management System contained a SQL injection vulnerability.
An attacker can leverage this vector to inject arbitrary SQL commands into the application or retrieve existing data. Successfully exploiting this issue can result in
CVE-2022-36657 Librarian Management System v1.0 had an XSS vulnerability via the edit_book_details.php component.
A hacker can exploit this XSS flaw to execute arbitrary script code in the browser of an unsuspecting user. XSS vulnerabilities often lead to the
CVE-2022-36735 The Book Library Management System v1.0 had a SQL injection vulnerability.
A remote attacker could exploit this vulnerability to execute arbitrary SQL commands and retrieve sensitive data.
In addition, this software was discovered to contain a
CVE-2022-36713 Librarian Management System v1.0 had a SQL injection vulnerability via the Section parameter.
A user with knowledge of SQL injection can exploit this to execute arbitrary SQL commands, bypassing the application's validation mechanisms. In a scenario
CVE-2022-37681 An attacker can perform a directory traversal on the endpoint /ptippage.cgi with versions 1.07 and below of ISnex Kokusai ISNex HC-IP9100HD.
A cross-site request forgery (CSRF) vulnerability in the web interface of the device allows attackers to perform an unauthorized login by tricking users into