CVE-2022-0757 (nexpose) | allinfosecnews.com

March 17, 2022, 11:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

Rapid7 Nexpose versions 6.6.93 and earlier are susceptible to an SQL Injection vulnerability, whereby valid search operators are not defined. This lack of validation can allow an attacker to manipulate the "ANY" and "OR" operators in the SearchCriteria and inject SQL code. This issue was fixed in Rapid7 Nexpose version 6.6.129.

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 6 months ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 6 months ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 6 months ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 6 months ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 6 months ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 6 months ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 6 months ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 6 months ago | web.nvd.nist.gov

android bypass check cve +10

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote

View on infosec-jobs.com

Cyber Security Culture – Communication and Content Specialist

@ H&M Group | Stockholm, Sweden

View on infosec-jobs.com

Container Hardening, Sr. (Remote | Top Secret)

@ Rackner | San Antonio, TX

View on infosec-jobs.com

GRC and Information Security Analyst

@ Intertek | United States

View on infosec-jobs.com

Information Security Officer

@ Sopra Steria | Bristol, United Kingdom

View on infosec-jobs.com

Casual Area Security Officer South Down Area

@ TSS | County Down, United Kingdom

View on infosec-jobs.com