Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-31943 | PUBLISHED: 2022-07-01 | MCMS v5.2.8 was discovered to contain an arbitrary file upload vulnerability.
CVE-2022-32093 | PUBLISHED: 2022-07-01 | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at adminlogin.php.
CVE-2022-32094 | PUBLISHED: 2022-07-01 | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the loginid parameter at doctorlogin.php.
CVE-2022-32095 | PUBLISHED: 2022-07-01 | Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at orders.php.
CVE-2022-32384 | PUBLISHED: 2022-07-01 | Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet.
User Rank: Ninja
6/30/2019 | 2:57:58 PM
This is something the IT Security consultant should be aware of and knowledgeable about as well - https://web.mit.edu/rhel-doc/5/RHEL-5-manual/Deployment_Guide-en-US/rhlcommon-chapter-0001.html
Auditing at the filesystem, file execution and kernel layer. In addition, if a file is entered into the filesystem, this would be identified and not allowed to process because it is not part of the SELinux profile.
Todd