Security Vulnerabilities - CVEs Published In October 2022
Hospital Management System v 4.0 is vulnerable to SQL Injection via file:hospital/hms/admin/view-patient.php.
CVSS Score
8.8
EPSS Score
0.002
Published
2022-10-28
Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /youthappam/php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-10-28
Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the productId parameter at /php_action/fetchSelectedfood.php.
CVSS Score
7.2
EPSS Score
0.001
Published
2022-10-28
Impact varies for each individual vulnerability in the application. For generation of accounts, it may be possible, depending on the amount of system resources available, to create a DoS event in the server. These accounts still need to be activated; however, it is possible to identify the output Status Code to separate accounts that are generated and waiting for email verification. \n\nFor the sign in directories, it is possible to brute force login attempts to either login portal, which could lead to account compromise.
CVSS Score
9.4
EPSS Score
0.001
Published
2022-10-28
Lock Warp switch is a feature of Zero Trust platform which, when
enabled, prevents users of enrolled devices from disabling WARP client.
Due to insufficient policy verification by WARP iOS client, this
feature could be bypassed by using the "Disable WARP" quick action.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-10-28
It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/#lock-warp-switch feature
being enabled on Zero Trust Platform. This led to bypassing policies
and restrictions enforced for enrolled devices by the Zero Trust
platform.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-10-28
Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-10-28
It was possible to bypass Lock WARP switch feature https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/#lock-warp-switch on the WARP iOS mobile client by enabling both "Disable for cellular networks" and "Disable for Wi-Fi networks" switches at once in the application settings. Such configuration caused the WARP client to disconnect and allowed the user to bypass restrictions and policies enforced by the Zero Trust platform.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-10-28
It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to disconnect and allowed bypassing administrative restrictions on a Zero Trust enrolled endpoint.
CVSS Score
6.7
EPSS Score
0.0
Published
2022-10-28
A vulnerability was found in seccome Ehoney. It has been rated as critical. This issue affects some unknown processing of the file /api/public/signup. The manipulation leads to improper access controls. The identifier VDB-212417 was assigned to this vulnerability.
CVSS Score
6.3
EPSS Score
0.0
Published
2022-10-28