CVE-2022-33146 : WEB2PY UP TO 2.22.4 URL REDIRECT

Description

Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having the user access a specially crafted URL.

References

http://web2py.com/

https://github.com/web2py/web2py/commit/a181b855a43cb8b479d276b082cfcde385768451

https://github.com/web2py/web2py/commit/d9805606f88f00c0be56438247605cefde73e14e#diff-c1d01f37ee54d813815718760b9c4d7b274e2be7ad18f65552cd564336ab593bR110

https://jvn.jp/en/jp/JVN02158640/index.html

For More Information

MITRE

Common Vulnerabilities and Exposures
