Microweber CMS version 1.2.10 has a backup functionality that enables a local file inclusion vulnerability.
>> ARCHIVE: 2022-02
Backdoor.Win32.FTP.Ics malware suffers from an unauthenticated remote command execution vulnerability.
Wondershare MirrorGo 2.0.11.346 – Insecure File Permissions
Trojan.Win32.Cosmu.abix malware suffers from an insecure permissions vulnerability.
Air Cargo Management System version 1.0 suffers from a remote SQL injection vulnerability.
WordPress 99robots Header Footer Code Manager plugin versions 1.1.16 and below suffer from a cross site scripting vulnerability.
Backdoor.Win32.Agent.baol malware suffers from an insecure permissions vulnerability.
Agirhnet version 1.0 suffers from a cross site scripting vulnerability.
Backdoor.Win32.Dsocks.10 malware suffers from a hardcoded cleartext password vulnerability.
ICL ScadaFlex II SCADA Controllers SC-1/SC-2 version 1.03.07 is vulnerable to unauthenticated file write/overwrite and deletion. This allows an attacker to execute critical file CRUD operations on the device that…