CVE-2022-40140 An error in Trend Micro products could lead to a denial-of-service.
In Trend Micro products prior to version 6.0.9, a local attacker could inject an invalid character into an HTTP header when parsing a
CVE-2022-38577 ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page
This issue has been addressed in version 3.5.4 and later. In addition, v3.4.5 and earlier versions have been upgraded to address
CVE-2022-37203 JFinal CMS 5.1.0 is vulnerable to SQL Injection
The following interfaces are vulnerable to SQL injection: the search interface, news interface, the contact form, and the demo form. These interfaces do not use
CVE-2022-2754 The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters, which could allow unauthenticated attackers to perform SQL Injection attacks.
through the WordPress admin interface. An attacker can inject a SQL statement by sending a malicious request to the vulnerable server, then by sending a
CVE-2022-3141 The Translate Multilingual sites WordPress plugin 2.3.3 is vulnerable to an authenticated SQL injection.
This can be exploited to hijack admin privileges or obtain sensitive information from the database. The severity of this vulnerability depends on the nature of
Episode
00:00:00
00:00:00