Search
Search Results (357535 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-23380 | 1 Taogogo | 1 Taocms | 2024-11-21 | 8.8 High |
| There is a SQL injection vulnerability in the background of taocms 3.0.2 in parameter id:action=admin&id=2&ctrl=edit. | ||||
| CVE-2022-23379 | 1 Emlog | 1 Emlog | 2024-11-21 | 9.8 Critical |
| Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid(). | ||||
| CVE-2022-23378 | 1 Tastyigniter | 1 Tastyigniter | 2024-11-21 | 5.4 Medium |
| A Cross-Site Scripting (XSS) vulnerability exists within the 3.2.2 version of TastyIgniter. The "items%5B0%5D%5Bpath%5D" parameter of a request made to /admin/allergens/edit/1 is vulnerable. | ||||
| CVE-2022-23377 | 1 Keep | 1 Archeevo | 2024-11-21 | 7.5 High |
| Archeevo below 5.0 is affected by local file inclusion through file=~/web.config to allow an attacker to retrieve local files. | ||||
| CVE-2022-23376 | 1 Wikidocs | 1 Wikidocs | 2024-11-21 | 6.1 Medium |
| WikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on different pages. | ||||
| CVE-2022-23375 | 1 Wikidocs | 1 Wikidocs | 2024-11-21 | 8.8 High |
| WikiDocs version 0.1.18 has an authenticated remote code execution vulnerability. An attacker can upload a malicious file using the image upload form through index.php. | ||||
| CVE-2022-23367 | 1 Fulusso Project | 1 Fulusso | 2024-11-21 | 6.1 Medium |
| Fulusso v1.1 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability in /BindAccount/SuccessTips.js. This vulnerability allows attackers to inject malicious code into a victim user's device via open redirection. | ||||
| CVE-2022-23366 | 1 Hms Project | 1 Hms | 2024-11-21 | 9.8 Critical |
| HMS v1.0 was discovered to contain a SQL injection vulnerability via patientlogin.php. | ||||
| CVE-2022-23365 | 1 Hms Project | 1 Hms | 2024-11-21 | 9.8 Critical |
| HMS v1.0 was discovered to contain a SQL injection vulnerability via doctorlogin.php. | ||||
| CVE-2022-23364 | 1 Hms Project | 1 Hms | 2024-11-21 | 9.8 Critical |
| HMS v1.0 was discovered to contain a SQL injection vulnerability via adminlogin.php. | ||||
| CVE-2022-23363 | 1 Online Banking System Project | 1 Online Banking System | 2024-11-21 | 9.8 Critical |
| Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via index.php. | ||||
| CVE-2022-23358 | 1 Easycms | 1 Easycms | 2024-11-21 | 9.8 Critical |
| EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement. | ||||
| CVE-2022-23357 | 1 Mozilo | 1 Mozilocms | 2024-11-21 | 9.1 Critical |
| mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter curent_dir. | ||||
| CVE-2022-23352 | 1 Bigantsoft | 1 Bigant Server | 2024-11-21 | 7.5 High |
| An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS). | ||||
| CVE-2022-23350 | 1 Bigantsoft | 1 Bigant Server | 2024-11-21 | 5.4 Medium |
| BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability. | ||||
| CVE-2022-23349 | 1 Bigantsoft | 1 Bigant Server | 2024-11-21 | 8.8 High |
| BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF). | ||||
| CVE-2022-23348 | 1 Bigantsoft | 1 Bigant Server | 2024-11-21 | 5.3 Medium |
| BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes. | ||||
| CVE-2022-23347 | 1 Bigantsoft | 1 Bigant Server | 2024-11-21 | 7.5 High |
| BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks. | ||||
| CVE-2022-23346 | 1 Bigantsoft | 1 Bigant Server | 2024-11-21 | 8.8 High |
| BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues. | ||||
| CVE-2022-23345 | 1 Bigantsoft | 1 Bigant Server | 2024-11-21 | 7.5 High |
| BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control. | ||||