CVE-2022-40887 SourceCodester Best Student Result Management System 1.0 is vulnerable to SQL Injection.
The application allows users to input a SQL query via the ‘Edit Test Result’ form. Thus, attackers can inject malicious SQL code and obtain access
CVE-2020-15334 The Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows escape sequence injection into the /var/log/axxmpp.log file.
This can be exploited to execute arbitrary code on the device or to obtain sensitive information. Zyxel has released Zyxel CloudCNM SecuManager 3.1.1.
CVE-2021-45788 Time-based SQL Injection was found in Metersphere v1.15.4 via the "orders" parameter.
A Cross-site scripting vulnerability was found in X-Rite’s iColor Passport v3.2.2 via the "password" parameter.
A SQL Injection was found
CVE-2022-34394 Dell OS10.5.3.4 contains an Improper Certificate Validation vulnerability in Support Assist. An attacker could exploit this vulnerability to access switch configuration data.
The vulnerable component of Dell Support Assist is accessible via the web interface (port 443). While default port configuration of the web interface (443) is
CVE-2022-3332 A critical vulnerability has been found in SourceCodester Food Ordering Management System affecting POST Parameter Handler.
The researcher who discovered this problem has published a detailed report about it. The researcher has publicly disclosed this information so that it is known.
Episode
00:00:00
00:00:00