CVE-2022-42232 The v1.0 version of the Cold Storage Management System is vulnerable to SQL Injection.
A successful exploit could result in unauthorized deletion of storage items or even system takeover. The Master.php?f=delete_storage SQL command can be
CVE-2022-39011 The HISP module has a vulnerability that allows access in the kernel space. Successful exploitation may cause unauthorized access.
To view this information, a user only needs to add a specific string of characters to the end of the request. In other words, an
CVE-2022-41576 The rphone module has a script that can be modified to cause irreversible programs to be implanted on user devices.
This vulnerability is currently being exploited in the wild via drive-by-downloads and email campaigns.
In order to exploit this vulnerability, a remote attacker must convince
CVE-2022-41583 The storage maintenance and debugging module has an array out-of-bounds read vulnerability. Successful exploitation will cause incorrect statistics.
This issue can be exploited by an unauthenticated attacker, who can send specially crafted requests to the targeted Apache HTTP Server system. This issue can
CVE-2022-37603 A ReDoS flaw was found in the function interpolateName in webpack loader-utils 2.0.0 via the url variable.
If a user-controlled value for url was fed to the function, it could lead to a denial of service condition due to a recursive