CVE-2022-42166 Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetSpeedWan.
Tenda AC10 V15.03.06.23 contains a SQL Injection vulnerability via /goform/formSetSpeedWan.
Tenda AC3200 V15.03.06.23 contains an Improper Access Control
CVE-2022-3150 The WP Custom Cursors plugin through 3.0 doesn't properly sanitise and escape a parameter, which leads to a SQL injection vulnerability that can be exploited by high-privileged users.
or root. This could lead to the deletion of important data or even the installation of a malicious plugin. You can avoid this risk by
CVE-2022-3131 The Search Logger plugin through 0.9 does not properly sanitise and escape a parameter, which leads to a SQL injection. This is a high privilege exploit.
when you pass a parameter that has a non-escaped special character within the parameter to the Search Logger view, the SQL query is not properly
CVE-2022-41623 Data exposure of sensitive information in Villatheme ALD using WooCommerce premium plugin = 1.1.0.
Find and avoid these data leak risks at all costs. These are the major cause of data leakage that can lead to sensitive data exposure
CVE-2022-41416 The system was found to have a SQL injection vulnerability via the id parameter.
An attacker can exploit this to execute arbitrary SQL commands that can lead to session hijacking or clickjacking. Version 1.0 of this software does
Episode
00:00:00
00:00:00