CVE-2022-42149 The main application file, KF 4.0, is vulnerable to SSRF due to a controller call.
SSRF is a type of cross-site request forgery. A hacker can trick a victim's website to send a request to another website, which
CVE-2019-14840 An issue was found in RHDM where password fields may leak credentials.
A quick search on Google shows how easy it is to find how to crack into a system by using a form on a website.
CVE-2022-23769 An attacker can get remote code execution by tricking the user into providing insufficient privilege verification.
The security issue was discovered by Ilia Nedashkovsky from Go Red Software. The recommendation for users of the reverseWall-MDS is to update the application as
CVE-2022-2574
The unfiltered_html setting was previously enabled by default and allowed users with unfiltered_html capability to inject any HTML code they want. This could
CVE-2022-3501 Article template contents with sensitive data could be accessed from agents without permissions.
These agents could be rogue insiders posing as clients, scammers pretending to be from Google, or accounts that have been compromised. To make sure these
Episode
00:00:00
00:00:00