CVE-2022-38268 An SQL injection vulnerability was found in the School Activity Updates with SMS Notification v1.0 component.
2018-06-26: This version was updated to version 1.2.2, fixing the SQL injection vulnerability. The researcher who discovered this vulnerability states that the module
CVE-2022-38260 The Interview Management System v1.0 had a SQL injection vulnerability.
A remote user or attacker can inject arbitrary SQL commands to the system, and the system will execute the command. If SQL injection is not
CVE-2022-38255 The interview management system v1.0 had a SQL injection vulnerability via the id parameter.
If the id parameter is supplied with an arbitrary value, an attacker can access the full db_query() value, thus gaining access to the underlying
CVE-2022-26466 Audio ipi can write outside bounds, which can lead to privilege escalation and user interaction isn't needed for exploitation.
In the 802.1X interface, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of
CVE-2022-3122 A critical vulnerability was found in SourceCodester Clinics Patient Management System 1.0. The file medicine_details.php is affected.
It has been discovered that the software is vulnerable to SQL injection. By manipulating certain parameters, an attacker may obtain sensitive information or execute arbitrary
Episode
00:00:00
00:00:00