Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-48116 | PUBLISHED: 2023-01-27 | AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php.
CVE-2022-48118 | PUBLISHED: 2023-01-27 | Jorani v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Acronym parameter.
CVE-2022-32472 | PUBLISHED: 2023-01-27 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2022-32952 | PUBLISHED: 2023-01-27 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2021-41231 | PUBLISHED: 2023-01-27 | OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, an administrator with the permissions to upload files via DataFlow and to create products was able to execute arbitrary code via the convert profile. Versions 19.4.22 and 20.0.19 contain a patch for this issue.
User Rank: Apprentice
12/23/2013 | 6:48:16 PM
Of course, all of these activities rarely require the full account info. Generally, PCI requires truncation to store transactions, but Target may have demonstrated a mitigating factor by encrypting all transactions. That's why it's probably an inside job... someone with access to the necessary decryption information.
Another article I read said the CVV codes were not stolen, which meant the stolen accounts are not useful for most on-line purchases.
IMO ... regardless of this article's title, we don't really know what happened yet.