CVE-2022-29464 Certain WSO2 products allow unrestricted file upload with resultant remote code execution
This can be a single request or a series of requests. An attacker can upload any arbitrary file using the fileupload parameter. The remote file
CVE-2022-21210 - SQL Injection Vulnerability in Lansweeper AssetActions.aspx (Exploit Details & Walkthrough)
CVE-2022-21210 is a critical SQL injection vulnerability discovered in Lansweeper version 9.1.20.2, specifically within the AssetActions.aspx functionality. With simple manipulation, an
CVE-2022-24828 Composer is a dependency manager for PHP that has an integration vulnerability with VcsDriver if the user controls $file or $identifier.
We can only assume that this vulnerability has been used to inject malicious code into the `readme` field of the composer.json file for hg/
CVE-2022-27140 - How a Simple Bug in Express-Fileupload Lets Hackers Upload and Run PHP Files
The world of web development is fast-moving, and sometimes speed means mistakes. One of those costly errors happened in the popular express-fileupload module, a widely-used
CVE-2022-27263 - Exploiting Arbitrary File Upload in Strapi v4.1.5 — How Attackers Can Execute Code Remotely
Published: June 2024
Overview
CVE-2022-27263 is a severe vulnerability discovered in Strapi, a popular open-source Headless CMS. In version v4.1.5, a flaw in
Episode
00:00:00
00:00:00