CVE-2022-3502 A vulnerability was found in Human Resource Management System 1.0. It is problematic and could be exploited to make malicious requests to sensitive parts of the application.
The security risk of this vulnerability is estimated as critical by vendors. It is assumed that a hacker may leverage this issue for cross site
CVE-2022-3495 A critical vulnerability has been found in SourceCodester Simple Online Public Access Catalog 1.0, affecting code in the file /opac/Actions.php?a=login. It compromises the Admin Login component.
The security risk of manipulating the username/password argument via SQL injection in SourceCodester Simple Online Public Access Catalog 1.0 is estimated as critical.
CVE-2022-41391 OcoMon v4.0 had a SQL injection vulnerability in the cod parameter of showImg.php.
An attacker can inject malicious SQL code into the cod parameter to run arbitrary SQL commands. This may lead to the disclosure of user data
CVE-2022-41475 An attacker can add an administrator account via a CSRF in RPCMS v3.0.2.
This vulnerability does not affect most users, only those who create new accounts on the target site. This could be significant for a site with
CVE-2022-41407 The App v1.0 had a SQL injection vulnerability via the id parameter.
A user with a low privilege level (e.g., guest) could potentially exploit this vulnerability and inject SQL code to gain higher privileges. A SQL