A vulnerability was found in Userfrosting up to 4.6.2 and classified as critical. This issue affects an unknown function of the component HTTP Header Handler. Applying the patch 796dd78757902435d1bd286415feea78098e45ba is able to eliminate this problem. The bugfix is ready for download at github.com.
Userfrosting up to 4.6.2 HTTP Header Host injection
- Virtual Patching
- January 3, 2022
- 1:04 pm
Contact us to get started
CVE-2022-34066 : TEXERCISE UP TO 0.0.12 ON PYTHON BACKDOOR
Description The Texercise package in PyPI v0.0.1 to v0.0.12 was discovered to contain a code execution backdoor. This vulnerability allows
CVE-2022-32405 : SOURCECODESTER PRISON MANAGEMENT SYSTEM 1.0 VIEW_PRISON.PHP ID SQL INJECTION
Description Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/prisons/view_prison.php:4 References
CVE-2022-20651 : CISCO ADAPTIVE SECURITY DEVICE MANAGER LOG FILE
Description A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker