CVE-2022-39145 V33.1-V33.1.262 has a vulnerability. V34.0-V34.1.242 has a vulnerability. V35.0 has no vulnerabilities.
A vulnerability has been identified in the OpenCascade NCMS component. The vulnerability could be exploited by injecting data into the vulnerable component through input supplied
CVE-2022-36259 An SQL injection vulnerability in ConnectionFactory.java of InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands.
The vulnerable code is in the method ‘getConnectionFactory()’, which is responsible for connecting a new user to InventoryManagementSystem.
ConnectionFactory class is abstract and extends DatabaseConnection
CVE-2021-44835 An issue was found in Active Intelligent Visualization 5. The Vdc header is used in a SQL query without being sanitized.
This problem can lead to data being exposed in the query like this example where a user name and password are input in the Vdc
CVE-2022-40317 OpenKM 6.3.11 allows stored XSS related to the javascript: substring in an A element.
This can lead to remote code execution. This can be triggered via a maliciously crafted URL. OpenKM 6.3.11 does not sanitize the first
CVE-2022-36712 The v1.0 Library Management System was found to have a SQL injection vulnerability via the id parameter.
Successful exploitation could cause the application to crash, leak data, or cause other forms of damage. Users are advised to review the id parameter for