16 matches found
CVE-2025-22964
DDSN Interactive cm3 Acora CMS version 10.1.1 has an unauthenticated time-based blind SQL Injection vulnerability caused by insufficient input sanitization and validation in the "table" parameter. This flaw allows attackers to inject malicious SQL queries by directly incorporating user-supplied...
CVE-2025-22964
creationtimestamp| type| source
---|---|---
2025-01-15 22:41:02+00:00| seen| https://infosec.exchange/users/cve/statuses/113834777778924900
2025-01-15 22:55:14+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1884
2025-01-15 23:16:00+00:00| seen|...
CVE-2025-22964
DDSN Interactive cm3 Acora CMS version 10.1.1 has an unauthenticated time-based blind SQL Injection vulnerability caused by insufficient input sanitization and validation in the "table" parameter. This flaw allows attackers to inject malicious SQL queries by directly incorporating user-supplied...
CVE-2025-22964
DDSN Interactive cm3 Acora CMS v10.1.1 is affected by an unauthenticated time-based blind SQL Injection in the table parameter due to insufficient input sanitization/validation. Impact includes unauthorized data access, data manipulation, and exposure of sensitive information. No public fix is do...
ManageEngine ServiceDesk Plus MSP < 10.6 Build 10611 / 13.0 Build 13004
The version of ManageEngine ServiceDesk Plus MSP installed on the remote host is prior to 10.6 Build 10611, 13.0 Build 13004. It is, therefore, affected by a vulnerability as referenced in the service-desk-mspcve-2023-22964 advisory. - Zoho ManageEngine ServiceDesk Plus MSP before 10611, and 13x...
CVE-2023-22964
creationtimestamp| type| source
---|---|---
2023-01-20 20:22:56+00:00| seen| https://t.me/cibsecurity/56778...
CVE-2023-22964
Zoho ManageEngine ServiceDesk Plus MSP contains an authentication bypass vulnerability (CVE-2023-22964) when LDAP authentication is enabled. Affected versions are MSP before 10.6 Build 10611 and 13.x before 13.0 Build 13004. The root cause is an LDAP authentication flaw that allows bypassing auth...
CVE-2022-22964
CVE-2022-22964 affects VMware Horizon Agent for Linux (prior to 22.x). The issue is a local privilege escalation due to a vulnerable configuration file, allowing a low-privileged user with local access to escalate to root. CVSS info in the sourcing documents indicates high impact with LOCAL attac...
VMware Horizon Client for Linux update addresses multiple vulnerabilities (CVE-2022-22962, CVE-2022-22964)
1. Impacted Products VMware Horizon Agent for Linux 2. Introduction Multiple vulnerabilities in VMware Horizon Agent for Linux were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products. 3a. User-controlled folder path customization...
VMware Horizon Agent for Linux update addresses multiple vulnerabilities (CVE-2022-22962, CVE-2022-22964)
3a. User-controlled folder path customization privilege escalation vulnerability CVE-2022-22962 VMware Horizon Agent for Linux contains a local privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base scor...
CVE-2021-22964
creationtimestamp| type| source
---|---|---
2021-10-14 18:27:52+00:00| seen| https://t.me/cibsecurity/30571...
CVE-2021-22964
A redirect vulnerability in the fastify-static module version >= 4.2.4 and < 4.4.1 allows remote attackers to redirect Mozilla Firefox users to arbitrary websites via a double slash // followed by a domain: http://localhost:3000//a//youtube.com/%2e%2e%2f%2e%2e. A DOS vulnerability is possible if the...
CVE-2021-22964
CVE-2021-22964 describes a redirect vulnerability in the fastify-static module (versions >=4.2.4 and
@wmfs/tymly-fastify-plugin (>=1.50.0 <=1.51.0), egg-bag (>=1.44.43 <=1.45.11) potentially affected by CVE-2021-22964 via fastify-static (>=4.2.4 <=4.4.0)
fastify-static NPM version =4.2.4, =1.50.0, =1.44.43, =1.45.11 Source cves: CVE-2021-22964 Source advisory: OSV:GHSA-PGH6-M65R-2RHQ...
Threat Outbreak Alert RuleID22964: Email Messages Distributing Malicious Software on May 19, 2016
Medium Alert ID: 46286 First Published: 2016 May 19 13:44 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID22964 may contain the following files: Name | Size...
Unfixed XSS vulnerability at www.thefreesite.com
Security researcher Johnjuan728 submitted on 27/09/2007 a cross-site scripting (XSS) vulnerability affecting www.thefreesite.com, which at the time of submission ranked 22964 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 02/10/2007. It is...