CVE-2022-24108: OpenCart's plugin "So Listing Tabs" <= 2.2.0 Deserialization of Untrusted Data

Read Time:20 Second

Posted by Denis Mironov on May 16

[-] Affected Versions:

Version 2.2.0 is affected, and prior versions are likely affected too.

[-] Vulnerabilities Description:

Vulnerable component is switching to another tab. To exploit
vulnerability, an attacker may send a POST request (with
application/x-www-form-urlencoded content-type) to AJAX endpoint
(usually “/index.php”) with “is_ajax_listing_tabs” parameter set to
“1” and “setting” parameter…

USN-7021-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

September 23, 2024

USN-7029-1: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...

September 23, 2024

USN-7007-3: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...

September 23, 2024

USN-6999-2: Linux kernel vulnerabilities

Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could...

September 23, 2024

USN-7028-1: Linux kernel vulnerabilities

It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local...

September 23, 2024

python-zipp-0.5.1-4.el8

FEDORA-EPEL-2024-d7489f4064 Packages in this update: python-zipp-0.5.1-4.el8 Update description: Security fix for CVE-2024-5569 (rhbz#2297119) Read More

September 23, 2024

Kryptina Ransomware Resurfaces in Enterprise Attacks By Mallox

Hacking the “Bike Angels” System for Moving Bikeshares

Vulnerabilities Found in Popular Houzez Theme and Plugin

Russian Cyber-Attacks Home in on Ukraine’s Military Infrastructure

Quantum Computing and Cybersecurity – Preparing for a New Age of Threats

LinkedIn Pauses GenAI Training Following ICO Concerns

German Police Shutter 47 Criminal Crypto Exchanges

Friday Squid Blogging: Squid Game Season Two Teaser

Clever Social Engineering Attack Using Captchas

CVE-2022-24108: OpenCart’s plugin “So Listing Tabs” <= 2.2.0 Deserialization of Untrusted Data

USN-7021-2: Linux kernel vulnerabilities

USN-7029-1: Linux kernel vulnerabilities

USN-7007-3: Linux kernel vulnerabilities

USN-6999-2: Linux kernel vulnerabilities

USN-7028-1: Linux kernel vulnerabilities

python-zipp-0.5.1-4.el8