#windows

Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/view_menu.php?id=.

In Piwigo 11.5.0, there exists a persistent cross-site scripting in the single mode function through /admin.php?page=batch_manager&mode=unit.

Microsoft has warned of APT groups and ransomware authors exploiting the now patched Confluence vulnerability. We take a look at the dangers. The post “Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft appeared first on Malwarebytes Labs.

Access of uninitialized pointer vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.

A vulnerability was found in Microsoft O365 and classified as critical. This issue affects the Conditional Access Policy which leads to improper access controls. By default the policy is not verified for every request. The attack may be initiated remotely. Exploit details have been disclosed to the public. It is recommended to change the configuration settings. NOTE: Vendor claims that pre-requisites are very high, the feature works as intended, and that configuration settings might mitigate the issue.

**Why is this Rapid7 CVE included in the Security Update Guide?** The vulnerability assigned to this CVE was originally classified as a stability bug in Windows. Rapid7 discovered that this bug could be used to cause a denial of service condition on affected versions of Windows. Microsoft had provided an update to address this issue prior to being contacted about it by Rapid 7. Microsoft appreciates the strong partnership that we have with Rapid7. **Why are the May updates associated with the operating systems rows in the Security Updates table?** This vulnerability was addressed in the May 2022 security updates.

**According to the CVSS metric confidentiality is High (C:H). What confidential information can be disclosed?** Exploiting this vulnerability will allow an attacker to access resources that are protected by conditional access policies based solely on device compliance state. For more information, please refer to Scenarios for using Conditional Access with Microsoft Intune - Microsoft Intune | Microsoft Docs.

**What type of information could be disclosed by this vulnerability?** The type of information that could be disclosed if an attacker successfully exploited this vulnerability is the contents of Kernel memory. An attacker could read the contents of Kernel memory from a user mode process.

**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by convincing a user to connect a Lightweight Directory Access Protocol (LDAP) client to a malicious LDAP server. When the vulnerability is successfully exploited this could allow the malicious server to gain remote code execution within the LDAP client.

**How could an attacker exploit this vulnerability?** An attacker could exploit the vulnerability by convincing a user to connect a Lightweight Directory Access Protocol (LDAP) client to a malicious LDAP server. When the vulnerability is successfully exploited this could allow the malicious server to gain remote code execution within the LDAP client.