CVE-2021-36023 - XML Injection in Magento Widgets Leads to Remote Code Execution
CVE-2021-36023 is an _XML Injection_ flaw in the Widgets "Update Layout" functionality within the Magento admin backend. An attacker with administrator permissions can
CVE-2023-39365 - SQL Injection in Cacti - A Deep Dive Into the Flaw and How Hackers Exploit It
Cacti is one of the most popular open-source network monitoring and fault management tools out there. System admins rely on it to visualize and keep
CVE-2023-39516 - How A Simple Setting in Cacti Could Let Attackers Run JavaScript in Admin Browsers
If you rely on Cacti for network or service monitoring, it’s time to check your version and lock things down. Cacti is widely used
CVE-2023-39515 - How Stored XSS in Cacti’s data_debug.php Threatens Your NMS
Cacti is a popular open source monitoring and fault management framework, widely used for keeping an eye on IT infrastructure. In 2023, a critical security
CVE-2023-39360 - Cacti Stored XSS Vulnerability Explained (with Exploit Example)
Cacti is a very popular open source operational monitoring tool used to collect and visualize network and server metrics. Recently, in 2023, a serious Stored