CVE-2022-2754 The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters, which could allow unauthenticated attackers to perform SQL Injection attacks.
through the WordPress admin interface. An attacker can inject a SQL statement by sending a malicious request to the vulnerable server, then by sending a
CVE-2022-3141 The Translate Multilingual sites WordPress plugin 2.3.3 is vulnerable to an authenticated SQL injection.
This can be exploited to hijack admin privileges or obtain sensitive information from the database. The severity of this vulnerability depends on the nature of
CVE-2022-40775 An issue was discovered in Bento4 through 1.6.0-639
With certain table types, Bento4 will attempt to atomically update a record's data with a call to AP4_StszAtom::SetData(), but if there
CVE-2022-40766 An attack in Campus Omni CMS 10.2.4 allows SQL injection via a ' or '1=1--' substring.
The injection occurs in the 'Users' page, in the 'Create' field. The following code can be used to exploit this vulnerability:
CVE-2022-40768 The stex_queuecommand_lck function lacks a memset for the PASSTHRU_CMD case, which allows local users to obtain sensitive information from kernel memory.
CVE-2018-14633: The further_check_cred function in the Redis key value cache (redis_key_value_cache) in Redis on Red Hat Enterprise Linux (RHEL) 7
Episode
00:00:00
00:00:00