CVE-2022-36194 An Attacker could leverage the XSS in the Pollers > Broker Configuration function of Actron Encentreon 22.04.0 to inject malicious code.
By manipulating the name parameter, an attacker can inject malicious code into the application’s code, which can lead to session hijacking and other forms
CVE-2022-36720 The v1.0 Library Management System was found to have a SQL injection vulnerability.
An attacker can leverage this vulnerability to execute arbitrary SQL commands against the affected system. An attacker exploiting this vulnerability can install applications, view data,
CVE-2018-14519 An issue was discovered in Kirby 2.5.12. The delete page functionality suffers from a CSRF flaw
The vulnerability can be exploited by remote attackers via CSRF cookies. The security issue affects all users using the delete pages functionality.
CVE Solution -
CVE-2022-38089 Exment stored cross-site scripting vulnerability in v5.0.2 and earlier and v3.0.0 and earlier, v4.4.2 and earlier, and v2.2.2 and earlier.
Stored cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment
CVE-2022-38463 ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality.
Logging out from one customer profile will reflect on any other customer profile. This can lead to a situation where a malicious customer could potentially
Episode
00:00:00
00:00:00