CVE-2022-35052 A heap buffer overflow was discovered in OTFCC commit 617837b.
This issue is addressed by updating the length check in this code. Google Project Zero researchers have also published a detailed guide on how to
CVE-2022-3502 A vulnerability was found in Human Resource Management System 1.0. It is problematic and could be exploited to make malicious requests to sensitive parts of the application.
The security risk of this vulnerability is estimated as critical by vendors. It is assumed that a hacker may leverage this issue for cross site
CVE-2022-3495 A critical vulnerability has been found in SourceCodester Simple Online Public Access Catalog 1.0, affecting code in the file /opac/Actions.php?a=login. It compromises the Admin Login component.
The security risk of manipulating the username/password argument via SQL injection in SourceCodester Simple Online Public Access Catalog 1.0 is estimated as critical.
CVE-2022-41391 OcoMon v4.0 had a SQL injection vulnerability in the cod parameter of showImg.php.
An attacker can inject malicious SQL code into the cod parameter to run arbitrary SQL commands. This may lead to the disclosure of user data
CVE-2022-41475 An attacker can add an administrator account via a CSRF in RPCMS v3.0.2.
This vulnerability does not affect most users, only those who create new accounts on the target site. This could be significant for a site with