CVE-2022-23993 - How a Simple Echo in pfSense’s pkg.php Opened the Door to XSS
If you run pfSense as your firewall, you know just how critical patches and security are. Today, we'll deep-dive into CVE-2022-23993—a now-fixed
CVE-2022-0378 - Reflected Cross-Site Scripting (XSS) in Microweber < 1.2.11—How Hackers Could Exploit Your Website
Microweber is an open-source drag-and-drop website builder powered by Laravel. It's quite popular within the PHP and Laravel community, particularly for folks wanting
CVE-2022-0335 - CSRF Vulnerability in Moodle’s “Delete Badge Alignment” – How It Works and How to Protect Your Site
Moodle, the world’s most popular LMS, had a security flaw in versions 3.11 to 3.11.4, 3.10 to 3.10.8,
CVE-2022-0332 - SQL Injection Vulnerability in Moodle’s H5P Activity Web Service (Exclusive Exploit Analysis)
Moodle is one of the world’s most popular open-source learning management systems, used by universities, schools, and businesses around the globe. In early 2022,
CVE-2022-0323 - How a Template Engine Bug in mustache/mustache Opened the Door to Attacks
In January 2022, a security vulnerability—now identified as CVE-2022-0323—was discovered in the popular PHP template engine, mustache/mustache. This vulnerability, rated as “Improper
Episode
00:00:00
00:00:00