The ftlserver component of TIBCO Software Inc.’s TIBCO FTL – Community Edition, TIBCO FTL – Developer Edition, TIBCO FTL – Enterprise Edition, TIBCO FTL – Enterprise Edition, TIBCO eFTL – Community Edition, TIBCO eFTL – Developer Edition, TIBCO eFTL – Enterprise Edition, and TIBCO eFTL – Enterprise Edition contains a difficult to exploit vulnerability that allows a low privileged attacker with local access to obtain user credentials to the affected system. Affected releases are TIBCO Software Inc.’s TIBCO FTL – Community Edition: versions 6.0.0 through 6.8.0, TIBCO FTL – Developer Edition: versions 6.0.1 through 6.8.0, TIBCO FTL – Enterprise Edition: versions 6.0.0 through 6.7.3, TIBCO FTL – Enterprise Edition: version 6.8.0, TIBCO eFTL – Community Edition: versions 6.0.0 through 6.8.0, TIBCO eFTL – Developer Edition: versions 6.0.1 through 6.8.0, TIBCO eFTL – Enterprise Edition: versions 6.0.0 through 6.7.3, and TIBCO eFTL – Enterprise Edition: version 6.8.0.
NVD-CWE-noinfo
CVE-2022-30450
A Remote Code Execution (RCE) vulnerability exists in waimairen 9.1 via wx.php
CVE-2022-30453
ShopWind <= 3.4.2 has a RCE vulnerability in Database.php
CVE-2022-30470
In Afian Filerun 20220202 Changing the “search_tika_path” variable to a custom (and previously uploaded) jar file results in remote code execution in the context of the webserver user.
CVE-2022-30503
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number at src/njs_value.h.
CVE-2022-30381
Merchandise Online Store v1.0 is vulnerable to file deletion via /vloggers_merch/classes/Master.php?f=delete_img.