Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-34876PUBLISHED: 2022-07-05
SQL Injection vulnerability in admin interface (/vicidial/admin.php) of VICIdial via modify_email_accounts, access_recordings, and agentcall_email parameters allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or mak...
CVE-2022-34877PUBLISHED: 2022-07-05
SQL Injection vulnerability in AST Agent Time Sheet interface ((/vicidial/AST_agent_time_sheet.php) of VICIdial via the agent parameter allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavail...
CVE-2022-34878PUBLISHED: 2022-07-05
SQL Injection vulnerability in User Stats interface (/vicidial/user_stats.php) of VICIdial via the file_download parameter allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and bec...
CVE-2022-34879PUBLISHED: 2022-07-05Reflected Cross Site Scripting (XSS) vulnerabilities in AST Agent Time Sheet interface (/vicidial/AST_agent_time_sheet.php) of VICIdial via agent, and search_archived_data parameters. This issue affects: VICIdial 2.14b0.5 versions prior to 3555.
CVE-2022-31770PUBLISHED: 2022-07-05IBM App Connect Enterprise Certified Container 4.2 could allow a user from the administration console to cause a denial of service by creating a specially crafted request. IBM X-Force ID: 228221.
User Rank: Ninja
1/22/2016 | 11:03:24 PM
Are these attack techniques and kits really more advanced, though? All that's happening here is that the kits are becoming more widely distributed as pricing makes them more available to less-skilled attackers. The attacks themselves though -- the code -- are often based upon "old [black] hat" (heh) techniques.
This is why some researchers are now using predictive analytics to anticipate what future attacks will look like.