Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-31856PUBLISHED: 2022-07-05Newsletter Module v3.x was discovered to contain a SQL injection vulnerability via the zemez_newsletter_email parameter at /index.php.
CVE-2022-32310PUBLISHED: 2022-07-05An access control issue in Ingredient Stock Management System v1.0 allows attackers to take over user accounts via a crafted POST request to /isms/classes/Users.php.
CVE-2022-32311PUBLISHED: 2022-07-05Ingredient Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /isms/admin/stocks/view_stock.php.
CVE-2022-32413PUBLISHED: 2022-07-05An arbitrary file upload vulnerability in Dice v4.2.0 allows attackers to execute arbitrary code via a crafted file.
CVE-2022-34972PUBLISHED: 2022-07-05So Filter Shop v3.x was discovered to contain multiple blind SQL injection vulnerabilities via the att_value_id , manu_value_id , opt_value_id , and subcate_value_id parameters at /index.php?route=extension/module/so_filter_shop_by/filter_data.
User Rank: Ninja
10/29/2016 | 4:45:13 PM
IoT makes a great deal of sense for the enterprise. For the individual, at the consumer level, where most (not all, but certainly most) consumer devices are concerned, it's nifty but runs into the law of diminishing returns rather quickly.