Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-29376PUBLISHED: 2022-05-23Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install directory, allowing attackers to execute arbitrary code via overwriting binaries located in the directory.
CVE-2022-30015PUBLISHED: 2022-05-23In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fields on http://127.0.0.1:1234/food/admin/all_users.php like Full Username, etc .This causes stored xss.
CVE-2022-28999PUBLISHED: 2022-05-23Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers to execute arbitrary code via overwriting the binary devcpp.exe.
CVE-2022-29002PUBLISHED: 2022-05-23A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers to arbitrarily create administrator accounts via the component /gaia-job-admin/user/add.
CVE-2022-31489PUBLISHED: 2022-05-23Inout Blockchain AltExchanger 1.2.1 allows index.php/home/about inoutio_language cookie SQL injection.
User Rank: Ninja
10/29/2016 | 4:45:13 PM
IoT makes a great deal of sense for the enterprise. For the individual, at the consumer level, where most (not all, but certainly most) consumer devices are concerned, it's nifty but runs into the law of diminishing returns rather quickly.