Search Results (363962 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-30454 1 Merchandise Online Store Project 1 Merchandise Online Store 2024-11-21 9.8 Critical
Merchandise Online Store 1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_product.
CVE-2022-30453 1 Shopwind 1 Shopwind 2024-11-21 9.8 Critical
ShopWind <= 3.4.2 has a RCE vulnerability in Database.php
CVE-2022-30452 1 Shopwind 1 Shopwind 2024-11-21 7.2 High
ShopWind <= v3.4.2 has a Sql injection vulnerability in Database.php
CVE-2022-30451 1 Waimairencms Project 1 Waimairencms 2024-11-21 8.8 High
An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1.
CVE-2022-30450 1 Waimairencms Project 1 Waimairencms 2024-11-21 9.8 Critical
A Remote Code Execution (RCE) vulnerability exists in waimairen 9.1 via wx.php
CVE-2022-30449 1 Hospital Management System Project 1 Hospital Management System 2024-11-21 9.8 Critical
Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in room.php.
CVE-2022-30448 1 Hospital Management System Project 1 Hospital Management System 2024-11-21 9.8 Critical
Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a File upload vulnerability in treatmentrecord.php.
CVE-2022-30429 1 Neos 1 Neos Cms 2024-11-21 5.4 Medium
Multiple cross-site scripting (XSS) vulnerabilities in Neos CMS allow attackers with the editor role or higher to inject arbitrary script or HTML code using the editor function, the deletion of assets, or a workspace title. The vulnerabilities were found in versions 3.3.29 and 8.0.1 and could also be present in all intermediate versions.
CVE-2022-30428 1 Ginadmin Project 1 Ginadmin 2024-11-21 7.5 High
In ginadmin through 05-10-2022, the incoming path value is not filtered, resulting in arbitrary file reading.
CVE-2022-30427 1 Ginadmin Project 1 Ginadmin 2024-11-21 7.5 High
In ginadmin through 05-10-2022 the incoming path value is not filtered, resulting in directory traversal.
CVE-2022-30425 1 Tenda 2 Hg6, Hg6 Firmware 2024-11-21 8.8 High
Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request.
CVE-2022-30423 1 Merchandise Online Store Project 1 Merchandise Online Store 2024-11-21 9.8 Critical
Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information.
CVE-2022-30422 1 Proietti 1 Planet Time Enterprise 2024-11-21 9.8 Critical
Proietti Tech srl Planet Time Enterprise 4.2.0.1,4.2.0.0,4.1.0.0,4.0.0.0,3.3.1.0,3.3.0.0 is vulnerable to Remote code execution via the Viewstate parameter.
CVE-2022-30417 1 Covid 19 Travel Pass Management System Project 1 Covid 19 Travel Pass Management System 2024-11-21 7.2 High
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via ctpms/admin/?page=user/manage_user&id=.
CVE-2022-30415 1 Covid 19 Travel Pass Management System Project 1 Covid 19 Travel Pass Management System 2024-11-21 7.2 High
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/applications/update_status.php?id=.
CVE-2022-30414 1 Covid 19 Travel Pass Management System Project 1 Covid 19 Travel Pass Management System 2024-11-21 7.2 High
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=applications/view_application&id=.
CVE-2022-30413 1 Covid 19 Travel Pass Management System Project 1 Covid 19 Travel Pass Management System 2024-11-21 9.8 Critical
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=delete_application.
CVE-2022-30412 1 Covid 19 Travel Pass Management System Project 1 Covid 19 Travel Pass Management System 2024-11-21 7.2 High
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/individuals/update_status.php?id=.
CVE-2022-30411 1 Covid 19 Travel Pass Management System Project 1 Covid 19 Travel Pass Management System 2024-11-21 7.2 High
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=individuals/view_individual&id=.
CVE-2022-30408 1 Covid 19 Travel Pass Management System Project 1 Covid 19 Travel Pass Management System 2024-11-21 6.5 Medium
Covid-19 Travel Pass Management System v1.0 is vulnerable to file deletion via /ctpms/classes/Master.php?f=delete_img.