CVE-2022-43192 An upload control component of Dedecms v5.7.101 is vulnerable to an arbitrary code execution attack.
A stack-based buffer overflow exists in the component /dede/file_manage_control.php of Dedecms v5.7.101, which allows remote attackers to execute arbitrary
CVE-2022-44403 - Exploiting SQL Injection in Automotive Shop Management System v1.
In late 2022, a serious security vulnerability was uncovered in the Automotive Shop Management System version 1.—a PHP-based web application used by many car
CVE-2022-44402 Master.php?f=delete_transaction is vulnerable to SQL Injection.
The injection occurs at the ‘f=’ parameter of Master.php. An attacker can inject an SQL query to delete, modify, or create any database record
CVE-2022-42732 - Severe File Exposure in Siemens syngo Dynamics – Deep Dive & Exploit Guide
In late 2022, Siemens disclosed a critical vulnerability (CVE-2022-42732) in their syngo Dynamics product, widely used by healthcare providers to manage cardiovascular imaging data. The
CVE-2022-4051 Hostel Searching Project has a critical vulnerability involving unknown code. The manipulation of the argument property_id leads to SQL injection.
The attacker needs to be in contact with the victim in order to exploit this vulnerability. The victim does not have to visit a specific