Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-29376PUBLISHED: 2022-05-23Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install directory, allowing attackers to execute arbitrary code via overwriting binaries located in the directory.
CVE-2022-30015PUBLISHED: 2022-05-23In Simple Food Website 1.0, a moderation can put the Cross Site Scripting Payload in any of the fields on http://127.0.0.1:1234/food/admin/all_users.php like Full Username, etc .This causes stored xss.
CVE-2022-28999PUBLISHED: 2022-05-23Insecure permissions in the install directories and binaries of Dev-CPP v4.9.9.2 allows attackers to execute arbitrary code via overwriting the binary devcpp.exe.
CVE-2022-29002PUBLISHED: 2022-05-23A Cross-Site Request Forgery (CSRF) in XXL-Job v2.3.0 allows attackers to arbitrarily create administrator accounts via the component /gaia-job-admin/user/add.
CVE-2022-31489PUBLISHED: 2022-05-23Inout Blockchain AltExchanger 1.2.1 allows index.php/home/about inoutio_language cookie SQL injection.
User Rank: Ninja
2/25/2019 | 3:21:04 PM