CVE-2022-36194 An attacker could leverage the XSS in the Pollers > Broker Configuration function of Actron Encentreon 22.04.0 to inject malicious code.
By manipulating the name parameter, an attacker can inject malicious code into the application’s code, which can lead to session hijacking and other forms
CVE-2022-36705 The Stock Management System v1.0 had a SQL injection vulnerability.
This can be exploited to redirect users to a malicious location, or execute arbitrary SQL statements if injected into a logged-in user’s account. A
CVE-2022-36706 The Stock Management System v1.0 had a SQL injection vulnerability.
It appears that the application had not enabled the id_ parameter, which allowed attackers to inject script code or SQL commands that were executed when
CVE-2022-36708 Library Management System v1.0 had an SQL injection vulnerability where the Id parameter was vulnerable.
A hacker can inject arbitrary SQL queries that will be executed if a user visits a maliciously crafted URL or if they try to edit
CVE-2022-36704 The Library Management System v1.0 contained a SQL injection vulnerability via the Id parameter.
A hacker could exploit this vulnerability and send a malicious request to the application, allowing them to compromise the system and access sensitive data. If