CVE-2024-22641 - ReDoS Vulnerability in TCPDF When Parsing Untrusted SVG Files
On January 17, 2024, CVE-2024-22641 was published. This vulnerability affects TCPDF, a popular PHP library for generating PDF documents. Specifically, TCPDF versions 6.
CVE-2024-35621 - Exploiting XSS in Formwork Edit Function (Before 1.13.)
CVE-2024-35621 is a critical cross-site scripting (XSS) vulnerability that affects the Edit function in Formwork versions before 1.13.. By leveraging this
CVE-2024-36428 - Understanding and Exploiting the OrangeHRM 3.3.3 SQL Injection via admin/viewProjects sortOrder
In June 2024, a new SQL Injection vulnerability—CVE-2024-36428—was disclosed in the open-source human resource management platform OrangeHRM version 3.3.
CVE-2024-35374 - Remote Code Execution in Mocodo Online via Unsanitized `sql_case` Input
A critical security vulnerability, CVE-2024-35374, has been identified in Mocodo Online, affecting version 4.2.6 and below. This flaw allows attackers to
CVE-2024-35593 - How A Simple PDF Upload Can Hack Raingad IM v4.1.4 (Exclusive Breakdown)
In June 2024, a critical vulnerability surfaced in Raingad IM v4.1.4—an enterprise messaging system known for its file sharing and preview features.
Episode
00:00:00
00:00:00