>> ARCHIVE: 2022-02

PHP Restaurants version 1.0 suffers from a remote SQL injection vulnerability.

Backdoor.Win32.Zxman malware suffers from a code execution vulnerability.

Moodle version 3.11.4 suffers from a remote SQL injection vulnerability.

Huawei DG8045 Router version 1.0 suffers from a credential disclosure vulnerability.

Backdoor.Win32.Small.bu (KGB-RAT server version 0.1) malware suffers from a remote command execution vulnerability.

WordPress Learnpress plugin version 4.1.4.1 suffers from an arbitrary image renaming vulnerability.

This Metasploit module exploits an authentication bypass (CVE-2021-1472) and command injection (CVE-2021-1473) in the Cisco Small Business RV series of VPN/routers. The device does not adequately verify the credentials in…

This archive contains all of the 167 exploits added to Packet Storm in January, 2022.