CVE-2022-36787 Webvendome - Webvendome SQL Injection
The Parameter " FileName" Request : Get Request : /webvendome/showfiles.aspx?jobnumber=nullFile Name=HERE. The SQL Injection in the Parameter " FileName" Request
CVE-2022-43452 In Delta Electronics DIAEnergie versions before v1.9.02.001, SQL Injection can be
injected.
request when DIAEnergie is configured to expose an external database. DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries
CVE-2022-43447 Delta Electronics DIAEnergie allows SQL Injection via Network.
communication due to the lack of SSL verification. An attacker must have access to the network or remote administration tool in order to inject SQL
CVE-2022-41791 Auth. (subscriber+) CSV Injection vulnerability in ProfileGrid plugin <= 5.1.6 on WordPress.
The vulnerable code is present in the “Edit Profile” page of the plugin. When a user tries to edit their profile, the code below is
CVE-2022-41775 In Delta Electronics DIAEnergie v1.9.02.001 and earlier, SQL Injection is possible via Network.
Injection in the Handler_CFG.ashx web application. A remote attacker can leverage this vulnerability to execute arbitrary SQL queries, which may expose confidential information
Episode
00:00:00
00:00:00