Joomla Rentalot Plus extension version 19.05 suffers from a cross site scripting vulnerability.
>> ARCHIVE: 2022-10
Backdoor.Win32.Delf.eg malware suffers from an unauthenticated remote command execution vulnerability.
Joomla jMarket extension version 5.15 suffers from a cross site scripting vulnerability.
Joomla JS Jobs Pro extension version 1.3.6 suffers from a remote SQL injection vulnerability.
Joomla MyMuse extension version 4.3.0 suffers from a remote SQL injection vulnerability.
GuppY CMS version 6.00.10 suffers from an authenticated remote shell upload vulnerability.
Centreon version 22.04.0 suffers from a persistent cross site scripting vulnerability.
ZKSecurity BIO version 4.1.2 suffers from a remote SQL injection vulnerability that can allow for remote code execution.
ZKSecurity BIO version 3.0.5.0_R suffers from a privilege escalation vulnerability.
This archive contains all of the 118 exploits added to Packet Storm in September, 2022.