CVE-2022-30622 The system discloses usernames and passwords, which means it's possible to enter the system. The system loads the request clearly by default.
The server code is very vulnerable, as it is described in the following example. In addition, the server has hard-coded authentication credentials (admin/admin). Path
CVE-2022-1672 - Unpacking the CSRF Vulnerability in Google PageSpeed WordPress Plugin Before v4..7
If you use WordPress and rely on Google PageSpeed Insights Plugin to boost your site speed, you might have been at risk without even knowing
CVE-2022-2144 - How A Missing CSRF Check in jQuery Validation For Contact Form 7 Plugin Threatens WordPress Sites
WordPress plugins make website management easier, but sometimes security oversights turn them into targets for attackers. CVE-2022-2144 is a classic example—a Cross-Site Request Forgery
CVE-2022-31883 Marval MSM v14.19.0.12476 is has an Insecure Direct Object Reference (IDOR) vulnerability
Marval MSM v14.19.0.12476 has a Cross-Site Request Forgery (CSRF) Vulnerability. A low privilege user is able to change the settings of another
CVE-2022-29097 Dell WMS 3.6.1 and below contains a Path Traversal vulnerability in Device API
Dell WMS 3.6.2 and onwards contains a Cross-site Request Forgery (CSRF) vulnerability in the Configuration API. A malicious user could potentially exploit this
Episode
00:00:00
00:00:00