CVE-2022-44403 - Exploiting SQL Injection in Automotive Shop Management System v1.
In late 2022, a serious security vulnerability was uncovered in the Automotive Shop Management System version 1.—a PHP-based web application used by many car
CVE-2022-44402 Master.php?f=delete_transaction is vulnerable to SQL Injection.
The injection occurs at the ‘f=’ parameter of Master.php. An attacker can inject an SQL query to delete, modify, or create any database record
CVE-2022-42732 - Severe File Exposure in Siemens syngo Dynamics – Deep Dive & Exploit Guide
In late 2022, Siemens disclosed a critical vulnerability (CVE-2022-42732) in their syngo Dynamics product, widely used by healthcare providers to manage cardiovascular imaging data. The
CVE-2022-4051 Hostel Searching Project has a critical vulnerability involving unknown code. The manipulation of the argument property_id leads to SQL injection.
The attacker needs to be in contact with the victim in order to exploit this vulnerability. The victim does not have to visit a specific
CVE-2022-44384 An arbitrary file upload vulnerability in rConfig v3.9.6 allows attackers to execute arbitrary code.
This issue is due to the fact that the rConfig v3.9.6 package does not check the file extension of the uploaded file before