CVE-2022-36689 The Stock Management System v1.0 had a SQL injection vulnerability in the month parameter.
Depending on the parameters used, hackers can manipulate the SQL query to dump data or create new databases. Another potential threat comes from insecure file
CVE-2022-36194 An attacker could leverage the XSS in the Pollers > Broker Configuration function of Actron Encentreon 22.04.0 to inject malicious code.
By manipulating the name parameter, an attacker can inject malicious code into the application’s code, which can lead to session hijacking and other forms
CVE-2022-25644 Package @pendo324/get-process-by-name is vulnerable to Arbitrary Code Execution due to improper sanitization.
To exploit this issue, an attacker needs to construct a malicious .js file and feed it to a user. This can be done by uploading
CVE-2022-36706 The Stock Management System v1.0 had a SQL injection vulnerability.
It appears that the application had not enabled the id_ parameter, which allowed attackers to inject script code or SQL commands that were executed when
CVE-2022-36697 The Stock Management System v1.0 had a SQL injection vulnerability.
The source of the attack was discovered to be the id parameter, which is not sanitized before being injected into a SQL query. This allowed