CVE-2022-40943 Dairy Farm Shop Management System 1.0 is vulnerable to SQL Injection via the bwdate-report-ds.php file.
SQL Injection occurs when a hacker injects malicious SQL code into a database to manipulate or access data that should be protected. The most serious
CVE-2022-35156 The Bus Pass Management System 1.0 had a SQL Injection vulnerability via the searchdata parameter.
A user with access to this parameter could exploit this vulnerability to obtain sensitive information about the system, such as the name of a person
CVE-2022-23726 Previous versions of the PingCentral Ping API exposed Spring Boot actuator endpoints with administrative authentication that gives away sensitive information.
The most common attack scenario is via an outside party using a web crawling tool to search for available endpoints and then craft a request
CVE-2022-33880 Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL injection via the type parameter.
This issue exists because of the way the type parameter is sanitized when passing data into the SELECT statement. A remote attacker can leverage this
CVE-2022-35137 DGIOT 4.5.4 had multiple XSS vulnerabilities.
These issues could be exploited by malicious people to conduct cross-site scripting attacks. A total of 14 XSS flaws were found in DGIOT Lightweight industrial