CVE-2022-40043 An issue was discovered in Centreon v20.10.18 which contains a SQL injection vulnerability.
A successful exploit of this vulnerability allows attackers to obtain sensitive information about the affected application, such as database information and authentication credentials. The information
CVE-2021-24890 The Scripts Organizer plugin before 3.0 had no capability for CSRF checks or validation of user input, which could allow unauthentic attacks.
which will be executed the next time the file is loaded by WordPress. This could allow for a wide range of attacks, including SQL injection,
CVE-2022-40122 An SQL injection vulnerability was found in the online banking system's cust_id parameter.
A hacker can exploit this to inject arbitrary SQL commands into the application and take advantage of it.
An attacker can exploit this to run
CVE-2022-32218 An information disclosure vulnerability exists in Rocket.Chat v5, v4.8.2, v4.7.5 due to the actionLinkHandler method allowing Message ID Enumeration with Regex MongoDB queries.
This may allow an attacker to retrieve sensitive information about the message such as the chat recipients, sender, date, etc. This may be exploited by
CVE-2022-38470 The Customer Reviews for WooCommerce plugin has a CSRF vulnerability.
When you set up a Customer Reviews for WooCommerce plugin, the plugin generates a secret token for each customer, which is supposed to be kept
Episode
00:00:00
00:00:00