3 matches found
CVE-2022-36265
In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Hidden system command web page. After performing a reverse engineering of the firmware, it was discovered that a hidden page not listed in the administration management interface allows a user to execute Linux commands on the devi...
Detecting Post-Compromise Threat Activity in Microsoft Cloud Environments
Summary This Advisory uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge ATT &CK® framework. See the ATT&CK for Enterprise for all referenced threat actor tactics and techniques. Updated April 15, 2021: The U.S. Government attributes this activity to the Russian Foreign...
PHP-Nuke Sections Module - 'artid' SQL Injection
source: https://www.securityfocus.com/bid/27879/info The PHP-Nuke Sections module is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application,...