CVE-2022-38616 The SmartVista SVFE2 v2.2.22 had a SQL injection vulnerability in the UserForm:j_id90 parameter.
A successful exploitation could lead to access to critical program functions and possibly system takeover. In addition to the SQL injection issue discovered, SmartVista SVFE2
CVE-2022-39151 V33.1-V33.1.262 has a vulnerability. V34.0-V34.1.242 has a vulnerability. V35.0 has no vulnerabilities.
An out of bounds write past the end of an allocated buffer while parsing specially crafted X_T files. This could allow an attacker to
CVE-2022-39146 V33.1-V33.1.262 has a vulnerability. V34.0-V34.1.242 has a vulnerability. V35.0 has no vulnerabilities.
A vulnerability has been identified in the OpenSCADA software. The application does not properly sanitize user-supplied input before using it in a SQL query. An
CVE-2022-38302 the id parameter of the 'maintenance/manage_department.php' web vulnerability was found to be vulnerable to SQL injection.
Attackers can inject arbitrary SQL code to be executed against the database. In the example below, the code will trigger an alert if SQL code
CVE-2022-38303 Leave Management System v1.0 had a SQL injection vulnerability via the id parameter.
An attacker can exploit this to inject PHP code, extract data, or execute arbitrary SQL commands. This is often a vector for hackers to exploit.
Episode
00:00:00
00:00:00