1200 matches found

NVD
added 2022/08/02 4:15 p.m. | 19 views

CVE-2022-35222

HiCOS Citizen verification component has a stack-based buffer overflow vulnerability due to insufficient parameter length validation. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system command or disrupt service...

CVSS 6.8 | EPSS 0.00348
Exploits 0 | References 1

Prion
added 2022/08/02 4:15 p.m. | 15 views

Stack overflow

HiCOS Citizen verification component has a stack-based buffer overflow vulnerability due to insufficient parameter length validation. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system command or disrupt service...

CVSS 4.6 | AI score 7.1 | EPSS 0.00348
Exploits 0 | References 1 | Affected Software 1

ATTACKERKB
added 2022/08/01 1:15 p.m. | 144 views

CVE-2022-2317

The Simple Membership WordPress plugin before 4.1.3 allows user to change their membership at the registration stage due to insufficient checking of a user supplied parameter...

CVSS 9.8 | AI score 7.2 | EPSS 0.01104
Exploits 2 | References 2

OSV
added 2022/08/01 1:15 p.m. | 2 views

CVE-2022-2317

The Simple Membership WordPress plugin before 4.1.3 allows user to change their membership at the registration stage due to insufficient checking of a user supplied parameter...

CVSS 9.8 | AI score 5.8 | EPSS 0.01104
Exploits 2 | References 1

OSV
added 2022/08/01 1:15 p.m. | 2 views

CVE-2022-2260

The GiveWP WordPress plugin before 2.21.3 does not have CSRF in place when exporting data, and does not validate the exporting parameters such as dates, which could allow attackers to make a logged in admin DoS the web server via a CSRF attack as the plugin will try to retrieve data from the...

CVSS 6.5 | AI score 6.6 | EPSS 0.00375
Exploits 2 | References 1

ATTACKERKB
added 2022/08/01 1:15 p.m. | 2 views

CVE-2022-2260

The GiveWP WordPress plugin before 2.21.3 does not have CSRF in place when exporting data, and does not validate the exporting parameters such as dates, which could allow attackers to make a logged in admin DoS the web server via a CSRF attack as the plugin will try to retrieve data from the...

CVSS 6.5 | AI score 5.9 | EPSS 0.00375
Exploits 2 | References 2

NVD
added 2022/07/20 2:15 a.m. | 15 views

CVE-2022-32959

HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for OS information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipula...

CVSS 6.8 | EPSS 0.00216
Exploits 0 | References 1

WPVulnDB
added 2022/07/18 12:0 a.m. | 30 views

MultiSafepay < 4.16.0 - Unauthenticated Arbitrary File Access

The plugin does not validate a parameter which could allow unauthenticated users to read arbitrary files on the web server...

CVSS 7.5 | AI score 4.2 | EPSS 0.02118
Exploits 0 | Affected Software 1

Hacker One
added 2022/07/17 4:4 a.m. | 14 views

U.S. Dept Of Defense: Local File Inclusion in download.php

The local file inclusion vulnerability was discovered in the download.php file. Arbitrary files could be downloaded by an attacker using directory traversal via the filePathDownload parameter, provided the attacker knew a valid file path of an externally-facing document...

AI score 6.8
Exploits 0

Code423n4
added 2022/07/14 12:0 a.m. | 13 views

Don't trust in references contracts

Lines of code Vulnerability details Impact The references contracts don't check anything, and the function receive a lot of parameters to manipulate the call Proof of Concept If somebody approveERC20/777/721/1155 the TransferReference contract or use a delegatecall the tokens can be stolen...

AI score 6.8
Exploits 0

OSV
added 2022/07/12 10:15 a.m. | 2 views

CVE-2022-26648

A vulnerability has been identified in SCALANCE X200-4P IRT All versions V5.5.2, SCALANCE X201-3P IRT All versions V5.5.2, SCALANCE X201-3P IRT PRO All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2IRT All versions V5.5.2, SCALANCE X202-2P IRT All versions V5.5.2, SCALAN...

CVSS 8.2 | AI score 5.7 | EPSS 0.00839
Exploits 0 | References 1

ATTACKERKB
added 2022/06/17 1:15 p.m. | 1 views

CVE-2022-31784

A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker that has network access to the management interface to conduct a buffer overflow attack due to insufficient validation of URL...

CVSS 9.8 | AI score 6.4 | EPSS 0.01489
Exploits 0 | References 3

OSV
added 2022/06/17 1:15 p.m. | 3 views

CVE-2022-31784

A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker that has network access to the management interface to conduct a buffer overflow attack due to insufficient validation of URL...

CVSS 9.8 | AI score 6.3 | EPSS 0.01489
Exploits 0 | References 2

Code423n4
added 2022/06/14 12:0 a.m. | 11 views

wfCashERC4626.sol#redeem() Lack of slippage control for market sell

Lines of code Vulnerability details function redeem uint256 shares, address receiver, address owner public override returns uint256 // It is more accurate and gas efficient to check the balance of the // receiver here than rely on the previewRedeem method. uint256 balanceBefore =...

AI score 6.7
Exploits 0

CNNVD
added 2022/05/26 12:0 a.m. | 3 views

CSCMS Music Portal System SQL Injection Vulnerability

CSCMS Music Portal System is a diversified content management system of China Chong Sheng Network Technology CSCMS Company. CSCMS Music Portal System suffers from a SQL injection vulnerability that originates from the lack of validation of the id parameter of /admin.php/pic/admin/type/hy against...

CVSS 7.2 | AI score 6.1 | EPSS 0.00896
Exploits 1 | References 2

OSV
added 2022/05/23 8:16 a.m. | 3 views

CVE-2022-0346

The XML Sitemap Generator for Google WordPress plugin before 2.0.4 does not validate a parameter which can be set to an arbitrary value, thus causing XSS via error message or RCE if allow_url_include is turned on...

CVSS 6.1 | AI score 5.9 | EPSS 0.02205
Exploits 1 | References 1

Prion
added 2022/05/20 1:15 p.m. | 18 views

Code injection

A vulnerability has been identified in SICAM P850 All versions V3.00, SICAM P850 All versions V3.00, SICAM P850 All versions V3.00, SICAM P850 All versions V3.00, SICAM P850 All versions V3.00, SICAM P850 All versions V3.00, SICAM P850 All versions V3.00, SICAM P850 All versions V3.00, SICAM P850...

CVSS 7.5 | AI score 9.6 | EPSS 0.01729
Exploits 0 | References 1 | Affected Software 36

CNNVD
added 2022/05/20 12:0 a.m. | 4 views

School Dormitory Management System SQL Injection Vulnerability

School Dormitory Management System is a school dormitory management system. SQL injection vulnerability exists in School Dormitory Management System v1.0, which originates from /dms/admin/reports/dailycollection The report.php parameter lacks validation for external input SQL statements. An...

CVSS 9.8 | AI score 6.1 | EPSS 0.01976
Exploits 1 | References 2

CNNVD
added 2022/05/18 12:0 a.m. | 6 views

Cisco Expressway Series and Cisco TelePresence Video Communication Server Log Information Disclosure Vulnerability

Cisco Expressway Series and Cisco TelePresence Video Communication Server VCS are both products of Cisco, Inc. Cisco Expressway Series is software for accessing devices outside the firewall. The software provides simple, highly secure access for users outside the firewall, helping telecommuters wo...

CVSS 7.1 | AI score 7 | EPSS 0.00899
Exploits 0 | References 4

Github Security Blog
added 2022/05/13 1:38 a.m. | 21 views

Cobbler Arbitrary File Read

A flaw was found in cobbler software component version 2.6.11-1. It suffers from an invalid parameter validation vulnerability, leading the arbitrary file reading. The flaw is triggered by navigating to a vulnerable URL via cobbler-web on a default installation...

CVSS 6.1 | AI score 6.9 | EPSS 0.00799
Exploits 0 | References 3 | Affected Software 1