CVE-2022-36714 The Lab Management System v1.0 had a SQL injection vulnerability in the Section parameter.
An attacker can leverage this vulnerability to execute arbitrary SQL commands and gain access to database records. In addition to the SQL injection flaw, this
CVE-2022-36559 Seiko SkyBridge MB-A200 v01.00.04 and below had a command injection vulnerability via the Ping parameter at ping_exec.cgi.
This can be exploited via attackers to send specially crafted requests to the affected application and receive a response with sensitive information.
CVE-2017-10482
The update
CVE-2022-36553 The blacklist version of the T-HYtec Inter HWL-2511-SS had a command injection vulnerability.
This version is vulnerable to a command injection attack where an attacker can inject malicious commands into the running web server. This may be leveraged
CVE-2022-36690 An SQL injection vulnerability was found in the Stock Management System v1.0's id parameter.
Exploiting this issue may allow remote attackers to execute arbitrary SQL commands in the database or leak database information. The id parameter appears to be
CVE-2022-36689 The Stock Management System v1.0 had a SQL injection vulnerability in the month parameter.
Depending on the parameters used, hackers can manipulate the SQL query to dump data or create new databases. Another potential threat comes from insecure file
Episode
00:00:00
00:00:00