CVE-2022-36545 The id parameter at /patient/settings.php was discovered to be vulnerable to SQL injection.
A hacker can exploit this weakness to execute arbitrary SQL commands, bypassing security restrictions. Note that this vulnerability is often exploited through social engineering and
CVE-2022-36544 The EDoc-doctor-appointment-system v1.0.1 had a SQL injection vulnerability.
A remote attacker able to access the vulnerable application via the frontend could leverage the SQL injection flaw to execute arbitrary SQL commands.
Moreover, it was
CVE-2022-36529 Kensey CMS v1.0 had multiple SQL injection vulnerabilities via the name and oldname parameters.
A user with the ‘admin’ role could inject SQL code and execute it to cause a denial-of-service condition that would eventually lead to the database
CVE-2021-3574 An ASAN vulnerability was found in ImageMagick 7.0.11. An attacker can use the convert command to leak memory.
When an attacker provides a crafted file, ASAN is able to detect memory leaks. This can be exploited to cause a denial of service by
CVE-2022-36719 The Ok parameter of the Library Management System v1.0 was found to be vulnerable to SQL injection.
An attacker can inject arbitrary SQL queries and obtain access to internal database structures. Any system that uses this software, especially