CVE-2022-46967
An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory.
Source: CVE-2022-46967
[월:] 2023년 01월
CVE-2022-46966
CVE-2022-46966
Revenue Collection System v1.0 was discovered to contain a SQL injection vulnerability at step1.php.
Source: CVE-2022-46966
CVE-2023-0455
CVE-2023-0455
Unrestricted Upload of File with Dangerous Type in GitHub repository unilogies/bumsys prior to v1.0.3-beta.
Source: CVE-2023-0455
CVE-2023-0488
CVE-2023-0488
Cross-site Scripting (XSS) – Stored in GitHub repository pyload/pyload prior to 0.5.0b3.dev42.
Source: CVE-2023-0488
CVE-2023-0470
CVE-2023-0470
Cross-site Scripting (XSS) – Stored in GitHub repository modoboa/modoboa prior to 2.0.4.
Source: CVE-2023-0470
CVE-2023-0509
CVE-2023-0509
Improper Certificate Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev44.
Source: CVE-2023-0509
CVE-2022-44263
CVE-2022-44263
Dentsply Sirona Sidexis <= 4.3 is vulnerable to Incorrect Access Control.
Source: CVE-2022-44263
CVE-2022-44264
CVE-2022-44264
Dentsply Sirona Sidexis <= 4.3 is vulnerable to Unquoted Service Path.
Source: CVE-2022-44264
CVE-2022-47951
CVE-2022-47951
An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, an authenticated user may convince systems to return a copy of that file’s contents from the server, resulting in unauthorized access to potentially sensitive data.
Source: CVE-2022-47951
CVE-2022-45770
CVE-2022-45770
Improper input validation in driver adgnetworkwfpdrv.sys in Adguard For Windows x86 up to version 7.11 allows attacker to gain local privileges escalation.
Source: CVE-2022-45770