CVE-2022-42978 - How a Small Authorization Bug in Netic User Export for Confluence Leads to Unauthenticated File Access
Software security bugs are everywhere, but few are as surprising as those that let random users read files they shouldn’t be able to see.
CVE-2022-42977 - How a Simple Export Feature in Netic User Export Let Attackers Download Any File from Atlassian Confluence
Confluence is one of the most widely used platforms for team collaboration, and add-ons are often required for various business needs. But sometimes, these add-ons accidentally
CVE-2022-42984 The offset parameter of the WoW Wonder social network platform was found to be vulnerable to SQL injection.
A successful attack can allow hackers to inject malicious code in the database of the affected website, allowing them to hijack, corrupt, or delete data;
CVE-2022-43691 Concrete CMS 9.0.0 to 9.1.2 have security issues when Debug Mode is on in production.
Server information, such as the server’s hostname and the version of PHP that is running, is visible in the debug logs. This information can be used
CVE-2022-43146 An arbitrary file upload vulnerability in Canteen Management System v1.0 allows attackers to execute arbitrary code.
Furthermore, arbitrary file deletion, posting, and modification are also possible due to insufficient input sanitization. Attackers can use this vulnerability to upload or delete the