Subscribe, build a custom feed, or pitch a sponsorship at hello@acadenix.com
Latest intel// live feed
CVE-2022-38618 — Bpcbt Smartvista: SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id88
SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id88, UserForm:j_id90, and UserForm:j_id92 parameters at /SVFE2/pages/feegroups/country_group.jsf. CVSSv3.1 8.8 (HIGH) · EPSS 50th percentile
CVE-2022-38577 — Processmaker Processmaker: This vulnerability allows attackers to escalate normal users to Administrators.
ProcessMaker before v3.5.4 was discovered to contain insecure permissions in the user profile page. This vulnerability allows attackers to escalate normal users to Administrators. CVSSv3.1 8.8 (HIGH) · EPSS 73th percentile
CVE-2022-38617 — Bpcbt Smartvista: SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the voiceAudit:j_id97
SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the voiceAudit:j_id97 parameter at /SVFE2/pages/audit/voiceaudit.jsf. CVSSv3.1 8.8 (HIGH) · EPSS 55th percentile
CVE-2022-36536 — Syncovery Syncovery: KG Syncovery 9 for Linux v9.47x and below allows attackers to escalate privileges via
An issue in the component post_applogin.php of Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below allows attackers to escalate privileges via creating crafted session tokens. CVSSv3.1 9.8 (CRITICAL) · EPSS 91th percentile
CVE-2022-36534 — Syncovery Syncovery: KG Syncovery 9 for Linux v9.47x and below was discovered to contain multiple remote
Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain multiple remote code execution (RCE) vulnerabilities via the Job_ExecuteBefore and Job_ExecuteAfter parameters at post_profilesettings.php. CVSSv3.1 8.8 (HIGH) · EPSS 99th percentile
CVE-2022-36533 — Syncovery Syncovery: KG Syncovery 9 for Linux v9.47x and below was discovered to contain a cross-site
Super Flexible Software GmbH & Co. KG Syncovery 9 for Linux v9.47x and below was discovered to contain a cross-site scripting (XSS) vulnerability. CVSSv3.1 5.4 (MEDIUM) · EPSS 99th percentile
CVE-2022-36532 — Bolt Bolt_cms: CMS contains a vulnerability in version 5.1.12 and below that allows an authenticated
Bolt CMS contains a vulnerability in version 5.1.12 and below that allows an authenticated user with the ROLE_EDITOR privileges to upload and rename a malicious file to achieve remote code execution. CVSSv3.1 8.8 (HIGH) · EPSS 98th percentile
CVE-2022-37257 — Stealjs Steal: Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the
Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the requestedVersion variable in npm-convert.js. CVSSv3.1 9.8 (CRITICAL) · EPSS 62th percentile
CVE-2022-38616 — Bpcbt Smartvista_front-end: SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90
SmartVista SVFE2 v2.2.22 was discovered to contain a SQL injection vulnerability via the UserForm:j_id90 parameter at /feegroups/tgrt_group.jsf. CVSSv3.1 8.8 (HIGH) · EPSS 58th percentile
CVE-2022-36110 — Netmaker Netmaker: Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API
Netmaker makes networks with WireGuard. Prior to version 0.15.1, Improper Authorization functions lead to non-privileged users running privileged API calls. If someone adds users to the Netmaker platform who do not have admin privileges, they can use their auth tokens to run admin-level functions via the API. This problem has been patched in v0.15.1. CVSSv3.1 8.8 (HIGH) · EPSS 53th percentile
CVE-2022-38615 — Bpcbt Smartvista_front-end: SmartVista SVFE2 v2.2.22 was discovered to contain multiple SQL injection vulnerabilities via the UserForm:j_id88
SmartVista SVFE2 v2.2.22 was discovered to contain multiple SQL injection vulnerabilities via the UserForm:j_id88, UserForm:j_id90, and UserForm:j_id92 parameters at /SVFE2/pages/feegroups/service_group.jsf. CVSSv3.1 8.8 (HIGH) · EPSS 56th percentile
CVE-2022-30079 — Netgear R6200: Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.12 via binary
Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.12 via binary /sbin/acos_service that could allow remote authenticated attackers the ability to modify values in the vulnerable parameter. CVSSv3.1 8.8 (HIGH) · EPSS 98th percentile
CVE-2022-37144 — Plextrac Plextrac: The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP
The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission attempts. An unauthenticated remote attacker in possession of a valid username and password can bruteforce their way past MFA protections to login as the targeted user. CVSSv3.1 8.8 (HIGH) · EPSS 52th percentile
CVE-2022-30078 — Netgear R6200_firmware: R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote
NETGEAR R6200_V2 firmware versions through R6200v2-V1.0.3.12_10.1.11 and R6300_V2 firmware versions through R6300v2-V1.0.4.52_10.0.93 allow remote authenticated attackers to execute arbitrary command via shell metacharacters in the ipv6_fix.cgi ipv6_wan_ipaddr, ipv6_lan_ipaddr, ipv6_wan_length, or ipv6_lan_length parameters. CVSSv3.1 8.8 (HIGH) · EPSS 76th percentile
CVE-2022-2542 — Summitmediaconcepts Ucontext_for_clickbank: The uContext for Clickbank plugin for WordPress is vulnerable to Cross-Site Request Forgery to
The uContext for Clickbank plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. This is due to missing nonce validation in the ~/app/sites/ajax/actions/keyword_save.php file that is called via the doAjax() function. This makes it possible for unauthenticated attackers to modify the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into CVSSv3.1 8.8 (HIGH) · EPSS 58th percentile
CVE-2022-2541 — Summitmediaconcepts Ucontext_for_amazon: The uContext for Amazon plugin for WordPress is vulnerable to Cross-Site Request Forgery to
The uContext for Amazon plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 3.9.1. This is due to missing nonce validation in the ~/app/sites/ajax/actions/keyword_save.php file that is called via the doAjax() function. This makes it possible for unauthenticated attackers to modify the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into per CVSSv3.1 8.8 (HIGH) · EPSS 58th percentile
CVE-2022-2540 — Link_optimizer_lite_project Link_optimizer_lite: The Link Optimizer Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery to
The Link Optimizer Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 1.4.5. This is due to missing nonce validation on the admin_page function found in the ~/admin.php file. This makes it possible for unauthenticated attackers to modify the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on CVSSv3.1 8.8 (HIGH) · EPSS 40th percentile
CVE-2022-2518 — Berocket Stockists_manager_for_woocommerce: The Stockists Manager for Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery
The Stockists Manager for Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.2.1. This is due to missing nonce validation on the stockist_settings_main() function. This makes it possible for unauthenticated attackers to modify the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. CVSSv3.1 8.8 (HIGH) · EPSS 43th percentile
CVE-2022-2461 — Transposh Transposh_wordpress_translation: The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by
The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient permissions checking on the 'tp_translation' AJAX action and default settings which makes it possible for unauthenticated attackers to influence the data shown on the site. CVSSv3.1 5.3 (MEDIUM) · EPSS 95th percentile
CVE-2022-2436 — W3eden Download_manager: The Download Manager plugin for WordPress is vulnerable to deserialization of untrusted input via
The Download Manager plugin for WordPress is vulnerable to deserialization of untrusted input via the 'file[package_dir]' parameter in versions up to, and including 3.2.49. This makes it possible for authenticated attackers with contributor privileges and above to call files using a PHAR wrapper that will deserialize the data and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP chain is also present. It also requires that the CVSSv3.1 8.8 (HIGH) · EPSS 78th percentile
CVE-2022-2434 — Instawp String_locator: The String Locator plugin for WordPress is vulnerable to deserialization of untrusted input via
The String Locator plugin for WordPress is vulnerable to deserialization of untrusted input via the 'string-locator-path' parameter in versions up to, and including 2.5.0. This makes it possible for unauthenticated users to call files using a PHAR wrapper, granted they can trick a site administrator into performing an action such as clicking on a link, that will deserialize and call arbitrary PHP Objects that can be used to perform a variety of malicious actions granted a POP CVSSv3.1 8.8 (HIGH) · EPSS 90th percentile
CVE-2022-2233 — Banner_cycler_project Banner_cycler: The Banner Cycler plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions
The Banner Cycler plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including 1.4. This is due to missing nonce protection on the pabc_admin_slides_postback() function found in the ~/admin/admin.php file. This makes it possible for unauthenticated attackers to inject malicious web scripts into the page, granted they can trick a site’s administrator into performing an action such as clicking on a link CVSSv3.1 8.8 (HIGH) · EPSS 55th percentile
CVE-2022-36640 — Influxdata Influxdb: The default settings do NOT enable authentication and authorization."
influxData influxDB before v1.8.10 contains no authentication mechanism or controls, allowing unauthenticated attackers to execute arbitrary commands. NOTE: the CVE ID assignment is disputed because the vendor's documentation states "If InfluxDB is being deployed on a publicly accessible endpoint, we strongly recommend authentication be enabled. Otherwise the data will be publicly available to any unauthenticated user. The default settings do NOT enable authentication and aut CVSSv3.1 9.8 (CRITICAL) · EPSS 79th percentile
CVE-2022-36202 — Doctor\'s_appointment_system_project Doctor\'s_appointment_system: Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php.
Doctor's Appointment System1.0 is vulnerable to Incorrect Access Control via edoc/patient/settings.php. The settings.php is affected by Broken Access Control (IDOR) via id= parameter. CVSSv3.1 9.8 (CRITICAL) · EPSS 55th percentile
CVE-2022-37176 — Tendacn Ac6_firmware: Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to
Tenda AC6(AC1200) v5.0 Firmware v02.03.01.114 and below contains a vulnerability which allows attackers to remove the Wi-Fi password and force the device into open security mode via a crafted packet sent to goform/setWizard. CVSSv3.1 9.8 (CRITICAL) · EPSS 57th percentile