Search Results (363504 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-28015 1 Attendance And Payroll System Project 1 Attendance And Payroll System 2024-11-21 8.8 High
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\cashadvance_edit.php.
CVE-2022-28014 1 Attendance And Payroll System Project 1 Attendance And Payroll System 2024-11-21 8.8 High
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\attendance_edit.php.
CVE-2022-28013 1 Attendance And Payroll System Project 1 Attendance And Payroll System 2024-11-21 8.8 High
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\schedule_employee_edit.php.
CVE-2022-28012 1 Attendance And Payroll System Project 1 Attendance And Payroll System 2024-11-21 8.8 High
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\position_delete.php.
CVE-2022-28011 1 Attendance And Payroll System Project 1 Attendance And Payroll System 2024-11-21 8.8 High
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\schedule_delete.php.
CVE-2022-28010 1 Attendance And Payroll System Project 1 Attendance And Payroll System 2024-11-21 8.8 High
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\overtime_delete.php.
CVE-2022-28009 1 Attendance And Payroll System Project 1 Attendance And Payroll System 2024-11-21 8.8 High
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\attendance_delete.php.
CVE-2022-28008 1 Attendance And Payroll System Project 1 Attendance And Payroll System 2024-11-21 8.8 High
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\attendance_delete.php.
CVE-2022-28007 1 Attendance And Payroll System Project 1 Attendance And Payroll System 2024-11-21 8.8 High
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\cashadvance_delete.php.
CVE-2022-28006 1 Attendance And Payroll System Project 1 Attendance And Payroll System 2024-11-21 8.8 High
Attendance and Payroll System v1.0 was discovered to contain a SQL injection vulnerability via the component \admin\employee_delete.php.
CVE-2022-28005 1 3cx 1 3cx 2024-11-21 9.8 Critical
An issue was discovered in the 3CX Phone System Management Console prior to version 18 Update 3 FINAL. An unauthenticated attacker could abuse improperly secured access to arbitrary files on the server (via /Electron/download directory traversal in conjunction with a path component that uses backslash characters), leading to cleartext credential disclosure. Afterwards, the authenticated attacker is able to upload a file that overwrites a 3CX service binary, leading to Remote Code Execution as NT AUTHORITY\SYSTEM on Windows installations. NOTE: this issue exists because of an incomplete fix for CVE-2022-48482.
CVE-2022-28002 1 Movie Seat Reservation Project 1 Movie Seat Reservation 2024-11-21 7.5 High
Movie Seat Reservation v1 was discovered to contain an unauthenticated file disclosure vulnerability via /index.php?page=home.
CVE-2022-28001 1 Movie Seat Reservation Project 1 Movie Seat Reservation 2024-11-21 9.8 Critical
Movie Seat Reservation v1 was discovered to contain a SQL injection vulnerability at /index.php?page=reserve via the id parameter.
CVE-2022-28000 1 Car Rental System Project 1 Car Rental System 2024-11-21 8.8 High
Car Rental System v1.0 was discovered to contain a SQL injection vulnerability at /Car_Rental/booking.php via the id parameter.
CVE-2022-27992 1 Phpgurukul 1 Zoo Management System 2024-11-21 8.8 High
Zoo Management System v1.0 was discovered to contain a SQL injection vulnerability at /public_html/animals via the class_id parameter.
CVE-2022-27991 1 Online Banking System Project 1 Online Banking System 2024-11-21 6.5 Medium
Online Banking System in PHP v1 was discovered to contain multiple SQL injection vulnerabilities at /staff_login.php via the Staff ID and Staff Password parameters.
CVE-2022-27985 1 Cuppacms 1 Cuppacms 2024-11-21 9.8 Critical
CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via /administrator/alerts/alertLightbox.php.
CVE-2022-27984 1 Cuppacms 1 Cuppacms 2024-11-21 9.8 Critical
CuppaCMS v1.0 was discovered to contain a SQL injection vulnerability via the menu_filter parameter at /administrator/templates/default/html/windows/right.php.
CVE-2022-27983 1 Ruijienetworks 2 Rg-nbr2100g-e, Rg-nbr2100g-e Firmware 2024-11-21 7.5 High
RG-NBR-E Enterprise Gateway RG-NBR2100G-E was discovered to contain an arbitrary file read vulnerability via the url parameter in check.php.
CVE-2022-27982 1 Ruijienetworks 2 Rg-nbr2100g-e, Rg-nbr2100g-e Firmware 2024-11-21 9.8 Critical
RG-NBR-E Enterprise Gateway RG-NBR2100G-E was discovered to contain a remote code execution (RCE) vulnerability via the fileName parameter at /guest_auth/cfg/upLoadCfg.php.