Search Results (364935 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-28541 1 Samsung 1 Update 2024-11-21 5.9 Medium
Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code as Samsung Update permission.
CVE-2022-28533 1 Medical Hub Directory Site Project 1 Medical Hub Directory Site 2024-11-21 9.8 Critical
Sourcecodester Medical Hub Directory Site 1.0 is vulnerable to SQL Injection via /mhds/clinic/view_details.php.
CVE-2022-28531 1 Covid-19 Directory On Vaccination System Project 1 Covid-19 Directory On Vaccination System 2024-11-21 9.8 Critical
Sourcecodester Covid-19 Directory on Vaccination System1.0 is vulnerable to SQL Injection via the admin/login.php txtusername (aka Username) field.
CVE-2022-28530 1 Covid-19 Directory On Vaccination System Project 1 Covid-19 Directory On Vaccination System 2024-11-21 9.8 Critical
Sourcecodester Covid-19 Directory on Vaccination System 1.0 is vulnerable to SQL Injection via cmdcategory.
CVE-2022-28528 1 Bloofox 1 Bloofoxcms 2024-11-21 8.8 High
bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?mode=content&page=media&action=edit.
CVE-2022-28527 1 Dhcms Project 1 Dhcms 2024-11-21 8.1 High
dhcms v20170919 was discovered to contain an arbitrary folder deletion vulnerability via /admin.php?r=admin/AdminBackup/del.
CVE-2022-28525 1 Ed01-cms Project 1 Ed01-cms 2024-11-21 8.8 High
ED01-CMS v20180505 was discovered to contain an arbitrary file upload vulnerability via /admin/users.php?source=edit_user&id=1.
CVE-2022-28524 1 Ed01-cms Project 1 Ed01-cms 2024-11-21 9.8 Critical
ED01-CMS v20180505 was discovered to contain a SQL injection vulnerability via the component post.php.
CVE-2022-28523 1 Hongcms Project 1 Hongcms 2024-11-21 8.1 High
HongCMS 3.0.0 allows arbitrary file deletion via the component /admin/index.php/template/ajax?action=delete.
CVE-2022-28522 1 Zcms Project 1 Zcms 2024-11-21 5.4 Medium
ZCMS v20170206 was discovered to contain a stored cross-site scripting (XSS) vulnerability via index.php?m=home&c=message&a=add.
CVE-2022-28521 1 Zcms Project 1 Zcms 2024-11-21 9.8 Critical
ZCMS v20170206 was discovered to contain a file inclusion vulnerability via index.php?m=home&c=home&a=sp_set_config.
CVE-2022-28512 1 Fantastic Blog Project 1 Fantastic Blog 2024-11-21 9.8 Critical
A SQL injection vulnerability exists in Sourcecodester Fantastic Blog CMS 1.0 . An attacker can inject query in "/fantasticblog/single.php" via the "id=5" parameters.
CVE-2022-28508 1 Mantisbt 1 Mantisbt 2024-11-21 6.1 Medium
An XSS issue was discovered in browser_search_plugin.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field.
CVE-2022-28507 1 Bdt-121 Project 2 Bdt-121, Bdt-121 Firmware 2024-11-21 4.8 Medium
Dragon Path Technologies Bharti Airtel Routers Hardware BDT-121 version 1.0 is vulnerable to Cross Site Scripting (XSS) via Dragon path router admin page.
CVE-2022-28506 2 Fedoraproject, Giflib Project 2 Fedora, Giflib 2024-11-21 5.5 Medium
There is a heap-buffer-overflow in GIFLIB 5.2.1 function DumpScreen2RGB() in gif2rgb.c:298:45.
CVE-2022-28505 1 Jflyfox 1 Jfinal Cms 2024-11-21 7.2 High
Jfinal_cms 5.1.0 is vulnerable to SQL Injection via com.jflyfox.system.log.LogController.java.
CVE-2022-28488 1 Libwav Project 1 Libwav 2024-11-21 7.5 High
The function wav_format_write in libwav.c in libwav through 2017-04-20 has an Use of Uninitialized Variable vulnerability.
CVE-2022-28487 2 Broadcom, Fedoraproject 2 Tcpreplay, Fedora 2024-11-21 7.5 High
Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.
CVE-2022-28481 1 Csv-safe Project 1 Csv-safe 2024-11-21 9.8 Critical
CSV-Safe gem < 3.0.0 doesn't filter out special characters which could trigger CSV Injection.
CVE-2022-28480 1 Allmediaserver 1 Allmediaserver 2024-11-21 9.8 Critical
ALLMediaServer 1.6 is vulnerable to Buffer Overflow via MediaServer.exe.