CVE-2022-43447 Delta Electronics DIAEnergie allows SQL Injection via Network.
communication due to the lack of SSL verification. An attacker must have access to the network or remote administration tool in order to inject SQL
CVE-2022-41791 Auth. (subscriber+) CSV Injection vulnerability in ProfileGrid plugin <= 5.1.6 on WordPress.
The vulnerable code is present in the “Edit Profile” page of the plugin. When a user tries to edit their profile, the code below is
CVE-2022-41775 In Delta Electronics DIAEnergie v1.9.02.001 and earlier, SQL Injection is possible via Network.
Injection in the Handler_CFG.ashx web application. A remote attacker can leverage this vulnerability to execute arbitrary SQL queries, which may expose confidential information
CVE-2022-43179 an SQL injection was found in the Leave Management System v1.0 admin component /admin/?page=user/manage_user&id=
An attacker can exploit this coding weakness to inject SQL commands into the application, giving them the power to compromise the system and access data.
CVE-2022-43163 An SQL injection vulnerability was found in the MDLMS v1.0 through the id parameter.
An attacker can exploit this vulnerability to execute arbitrary SQL commands.
An attacker can exploit this vulnerability to execute arbitrary SQL commands. An SQL injection
Episode
00:00:00
00:00:00