CVE-2022-27261 - Arbitrary File Overwrite in Express-FileUpload v1.3.1 Explained
The Node.js ecosystem is rich with modules to make development easy. But sometimes popular modules come with security issues. In this post, we'
CVE-2022-28397 - **DISPUTED** Arbitrary File Upload in Ghost CMS v4.42.—What You Need to Know
---
Overview
A security advisory surfaced about CVE-2022-28397, which raises concerns about an arbitrary file upload vulnerability in the well-known Ghost CMS—specifically version 4.
CVE-2022-24780 - Critical RCE in Combodo iTop User Portal Explained
Combodo iTop is a popular open-source web-based ITSM (IT Service Management) tool used globally by service desks and IT departments. In early 2022, a severe
CVE-2022-0741 In all versions of GitLab, improper input validation allowed attackers to steal Environment Variables.
To exploit this issue, a malicious email was sent to an engineer with access to the project. The email contained a link that would load
CVE-2022-26258 - Remote Command Execution in D-Link DIR-820L (Firmware 1.05B03) via /lan.asp
The D-Link DIR-820L is a popular wireless router used by many for its affordable price and ease of setup. However, in early 2022, security researchers