CVE-2022-26632

Multi-Vendor Online Groceries Management System v1.0 was discovered to contain a blind SQL injection vulnerability via the id parameter in /products/view_product.php.

Source: CVE-2022-26632

CVE-2022-24045

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The application, after a successful login, sets the session cookie on the browser via client-side JavaScript code, without applying any security attributes (such as “Secure�, “HttpOnly�, or “SameSite�).

Any attempts to browse the application via unencrypted HTTP protocol would lead to the transmission of all his/her session cookies in plaintext through the network. An attacker could then be able to sniff the network and capture sensitive information.

Source: CVE-2022-24045

CVE-2022-24287

A vulnerability has been identified in SIMATIC PCS 7 V9.0 and earlier (All versions), SIMATIC PCS 7 V9.1 (All versions), SIMATIC WinCC Runtime Professional V16 and earlier (All versions), SIMATIC WinCC Runtime Professional V17 (All versions), SIMATIC WinCC V7.4 and earlier (All versions), SIMATIC WinCC V7.5 (All versions < V7.5 SP2 Update 8). An authenticated attacker could escape the WinCC Kiosk Mode by opening the printer dialog in the affected application in case no printer is installed.

Source: CVE-2022-24287

CVE-2022-26634

HMA VPN v5.3.5913.0 contains an unquoted service path which allows attackers to escalate privileges to the system level.

Source: CVE-2022-26634

CVE-2022-24044

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The login functionality of the application does not employ any countermeasures against Password Spraying attacks or Credential Stuffing attacks.

An attacker could obtain a list of valid usernames on the device by exploiting the issue and then perform a precise Password Spraying or Credential Stuffing attack in order to obtain access to at least one account.

Source: CVE-2022-24044

CVE-2022-24043

A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). The login functionality of the application fails to normalize the response times of login attempts performed with wrong usernames with the ones executed with correct usernames.

A remote unauthenticated attacker could exploit this side-channel information to perform a username enumeration attack and identify valid usernames.

Source: CVE-2022-24043

CVE-2022-1784

Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio prior to 18.0.8.

Source: CVE-2022-1784

CVE-2022-31215

In certain Goverlan products, the Windows Firewall is temporarily turned off upon a Goverlan agent update operation. This allows remote attackers to bypass firewall blocking rules for a time period of up to 30 seconds. This affects Goverlan Reach Console before 10.5.1, Reach Server before 3.70.1, and Reach Client Agents before 10.1.11.

Source: CVE-2022-31215

CVE-2022-25224

Proton v0.2.0 allows an attacker to create a malicious link inside a markdown file. When the victim clicks the link, the application opens the site in the current frame allowing an attacker to host JavaScript code in the malicious link in order to trigger an XSS attack. The ‘nodeIntegration’ configuration is set to on which allows the ‘webpage’ to use ‘NodeJs’ features, an attacker can leverage this to run OS commands.

Source: CVE-2022-25224

CVE-2022-30551

OPC UA Legacy Java Stack 2022-04-01 allows a remote attacker to cause a server to stop processing messages by sending crafted messages that exhaust available resources.

Source: CVE-2022-30551