Search Results (365269 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-40834 1 Codeigniter 1 Codeigniter 2024-11-21 9.8 Critical
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_not_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40833 1 Codeigniter 1 Codeigniter 2024-11-21 9.8 Critical
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40832 1 Codeigniter 1 Codeigniter 2024-11-21 9.8 Critical
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php having() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40831 1 Codeigniter 1 Codeigniter 2024-11-21 9.8 Critical
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40830 1 Codeigniter 1 Codeigniter 2024-11-21 9.8 Critical
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_not_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40829 1 Codeigniter 1 Codeigniter 2024-11-21 9.8 Critical
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40826 2 Bcit-ci, Codeigniter 2 Codeigniter, Codeigniter 2024-11-21 9.8 Critical
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_having() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40825 1 Codeigniter 1 Codeigniter 2024-11-21 9.8 Critical
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40824 2 Bcit-ci, Codeigniter 2 Codeigniter, Codeigniter 2024-11-21 9.8 Critical
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVE-2022-40812 1 Democritus Pdfs Project 1 Democritus Pdfs 2024-11-21 9.8 Critical
The d8s-pdfs for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0.
CVE-2022-40811 1 Democritus Urls Project 1 Democritus Urls 2024-11-21 9.8 Critical
The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0.
CVE-2022-40810 1 Democritus Ip Addresses Project 1 Democritus Ip Addresses 2024-11-21 9.8 Critical
The d8s-ip-addresses for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0
CVE-2022-40809 1 Democritus Dicts Project 1 Democritus Dicts 2024-11-21 9.8 Critical
The d8s-dicts for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0
CVE-2022-40808 1 Democritus Dates Project 1 Democritus Dates 2024-11-21 9.8 Critical
The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0
CVE-2022-40807 1 Democritus Domains Project 1 Democritus Domains 2024-11-21 9.8 Critical
The d8s-domains for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0
CVE-2022-40806 1 Democritus Uuids Project 1 Democritus Uuids 2024-11-21 9.8 Critical
The d8s-uuids for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0
CVE-2022-40805 1 Democritus Urls Project 1 Democritus Urls 2024-11-21 9.8 Critical
The d8s-urls for python 0.1.0, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-hypothesis package.
CVE-2022-40778 1 Opswat 1 Metadefender 2024-11-21 5.4 Medium
A stored Cross-Site Scripting (XSS) vulnerability in OPSWAT MetaDefender ICAP Server before 4.13.0 allows attackers to execute arbitrary JavaScript or HTML because of the blocked page response.
CVE-2022-40777 1 Interspire 1 Email Marketer 2024-11-21 8.8 High
Interspire Email Marketer through 6.5.0 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a /admin/temp/surveys/ URI. NOTE: this issue exists because of an incomplete fix for CVE-2018-19550.
CVE-2022-40775 1 Axiosys 1 Bento4 2024-11-21 5.5 Medium
An issue was discovered in Bento4 through 1.6.0-639. A NULL pointer dereference occurs in AP4_StszAtom::WriteFields.