CVE-2022-35612 An XSS vulnerability in MQTTRoute v3.3 and below allows attackers to execute arbitrary web scripts or HTML.
MQTTRoute versions prior to 3.3 allow an attacker to inject arbitrary HTML or script code into the dashboard name text field (CVE-2018-19384). MQTTRoute versions
CVE-2022-41391 OcoMon v4.0 had a SQL injection vulnerability in the cod parameter of showImg.php.
An attacker can inject malicious SQL code into the cod parameter to run arbitrary SQL commands. This may lead to the disclosure of user data
CVE-2022-39303 Rea6 is a moderation bot that is vulnerable to SQL injection. The issue has been patched by using Javas PreparedStatements.
This vulnerability allows SQL injection. An attacker can manipulate SQL queries. An attacker can inject malicious SQL code into the application. This issue has been
CVE-2022-41497 ClipperCMS 1.3.3 had an SSRF vulnerability via the pkg_url parameter.
SSRF is a vulnerability that occurs when a request is sent to a server-side component of a website and the component accepts the request without
CVE-2022-41495 ClipperCMS 1.3.3 had an SSRF vulnerability via the rss_url_news parameter.
SSRF is an attack on a website where an attacker is able to view or change data on a server without being blocked by the
Episode
00:00:00
00:00:00