CVE-2022-41472 An XSS vulnerability was found in CMS v3.12.0 via the apiadmin/notice/add component.
The XSS flaw can be exploited by remote attackers via a request to the component /apiadmin/notice/add. An attacker can inject script codes in
CVE-2022-42171 Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/saveParentControlInfo.
Tenda AC10 V15.03.06.23 has a Cross-site scripting(XSS) vulnerability via /goform/saveParentControlInfo.
Tenda AC10 V15.03.06.23 has a SQL injection
CVE-2022-3549 An issue was found in SourceCodester Simple Cold Storage Management System 1.0 that affects Avatar Handler file processing.
This vulnerability is related to the one found in a different CMS software. It is advised to apply the solution provided in the linked advisory.
CVE-2022-3532 Vulnerability found in BPF component. It has memory leak.
It has been found that when BPF component is enabled, it results in memory leaks. These memory leaks might be exploited by the attackers. The
CVE-2022-41539 Wedding Planner v1.0 had an arbitrary file upload vulnerability in the /admin/users_add.php component.
To exploit this issue, an attacker needs to upload a malicious PHP file to the server. After the file is uploaded, an attacker can request
Episode
00:00:00
00:00:00