Total
217 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-4011 | 1 Simple History Project | 1 Simple History | 2024-08-03 | 6.5 Medium |
| A vulnerability was found in Simple History Plugin. It has been rated as critical. This issue affects some unknown processing of the component Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213785 was assigned to this vulnerability. | ||||
| CVE-2022-3992 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2024-08-03 | 2.4 Low |
| A vulnerability classified as problematic was found in SourceCodester Sanitization Management System. Affected by this vulnerability is an unknown functionality of the file admin/?page=system_info of the component Banner Image Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-213571. | ||||
| CVE-2022-4015 | 1 Sports Club Management System Project | 1 Sports Club Management System | 2024-08-03 | 4.7 Medium |
| A vulnerability, which was classified as critical, was found in Sports Club Management System 119. This affects an unknown part of the file admin/make_payments.php. The manipulation of the argument m_id/plan leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213789 was assigned to this vulnerability. | ||||
| CVE-2022-3950 | 1 Publiccms | 1 Publiccms | 2024-08-03 | 3.5 Low |
| A vulnerability, which was classified as problematic, was found in sanluan PublicCMS. Affected is the function initLink of the file dwz.min.js of the component Tab Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is a972dc9b1c94aea2d84478bf26283904c21e4ca2. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213456. | ||||
| CVE-2022-4053 | 1 Student Attendance Management System Project | 1 Student Attendance Management System | 2024-08-03 | 2.4 Low |
| A vulnerability was found in Student Attendance Management System. It has been classified as problematic. Affected is an unknown function of the file createClass.php. The manipulation of the argument className leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-213846 is the identifier assigned to this vulnerability. | ||||
| CVE-2022-3997 | 1 Scm Project | 1 Scm | 2024-08-03 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in MonikaBrzica scm. Affected by this issue is some unknown functionality of the file upis_u_bazu.php. The manipulation of the argument email/lozinka/ime/id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-213698 is the identifier assigned to this vulnerability. | ||||
| CVE-2022-3949 | 1 Simple Cashiering System Project | 1 Simple Cashiering System | 2024-08-03 | 3.5 Low |
| A vulnerability, which was classified as problematic, has been found in Sourcecodester Simple Cashiering System. This issue affects some unknown processing of the component User Account Handler. The manipulation of the argument fullname leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-213455. | ||||
| CVE-2022-3971 | 1 Matrix | 1 Matrix Irc Bridge | 2024-08-03 | 4.6 Medium |
| A vulnerability was found in matrix-appservice-irc up to 0.35.1. It has been declared as critical. This vulnerability affects unknown code of the file src/datastore/postgres/PgDataStore.ts. The manipulation of the argument roomIds leads to sql injection. Upgrading to version 0.36.0 is able to address this issue. The name of the patch is 179313a37f06b298150edba3e2b0e5a73c1415e7. It is recommended to upgrade the affected component. VDB-213550 is the identifier assigned to this vulnerability. | ||||
| CVE-2022-3973 | 1 Hms-php Project | 1 Hms-php | 2024-08-03 | 7.3 High |
| A vulnerability classified as critical has been found in Pingkon HMS-PHP. Affected is an unknown function of the file /admin/admin.php of the component Data Pump Metadata. The manipulation of the argument uname/pass leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-213552. | ||||
| CVE-2022-3942 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2024-08-03 | 4.3 Medium |
| A vulnerability was found in SourceCodester Sanitization Management System and classified as problematic. This issue affects some unknown processing of the file php-sms/?p=request_quote. The manipulation leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-213449 was assigned to this vulnerability. | ||||
| CVE-2022-3968 | 1 Emlog | 1 Emlog | 2024-08-03 | 3.5 Low |
| A vulnerability has been found in emlog and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/article_save.php. The manipulation of the argument tag leads to cross site scripting. The attack can be launched remotely. The name of the patch is 5bf7a79826e0ea09bcc8a21f69a0c74107761a02. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213547. | ||||
| CVE-2022-3947 | 1 Eolink | 1 Goku Lite | 2024-08-03 | 6.3 Medium |
| A vulnerability classified as critical has been found in eolinker goku_lite. This affects an unknown part of the file /balance/service/list. The manipulation of the argument route/keyword leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213453 was assigned to this vulnerability. | ||||
| CVE-2022-3955 | 1 Crm42 Project | 1 Crm42 | 2024-08-03 | 7.3 High |
| A vulnerability was found in tholum crm42. It has been rated as critical. This issue affects some unknown processing of the file crm42\class\class.user.php of the component Login. The manipulation of the argument user_name leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213461 was assigned to this vulnerability. | ||||
| CVE-2022-3956 | 1 Hhims Project | 1 Hhims | 2024-08-03 | 6.3 Medium |
| A vulnerability classified as critical has been found in tsruban HHIMS 2.1. Affected is an unknown function of the component Patient Portrait Handler. The manipulation of the argument PID leads to sql injection. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. VDB-213462 is the identifier assigned to this vulnerability. | ||||
| CVE-2022-3941 | 1 Activity Log Project | 1 Activity Log | 2024-08-03 | 5.3 Medium |
| A vulnerability has been found in Activity Log Plugin and classified as critical. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-213448. | ||||
| CVE-2022-3943 | 1 Foru Cms Project | 1 Foru Cms | 2024-08-03 | 3.5 Low |
| A vulnerability was found in ForU CMS. It has been classified as problematic. Affected is an unknown function of the file cms_chip.php. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-213450 is the identifier assigned to this vulnerability. | ||||
| CVE-2022-3948 | 1 Eolink | 1 Goku Lite | 2024-08-03 | 6.3 Medium |
| A vulnerability classified as critical was found in eolinker goku_lite. This vulnerability affects unknown code of the file /plugin/getList. The manipulation of the argument route/keyword leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-213454 is the identifier assigned to this vulnerability. | ||||
| CVE-2022-3845 | 1 Phpipam | 1 Phpipam | 2024-08-03 | 2.4 Low |
| A vulnerability has been found in phpipam and classified as problematic. Affected by this vulnerability is an unknown functionality of the file app/admin/import-export/import-load-data.php of the component Import Preview Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 1.5.0 is able to address this issue. The name of the patch is 22c797c3583001211fe7d31bccd3f1d4aeeb3bbc. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-212863. | ||||
| CVE-2022-3868 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2024-08-03 | 4.7 Medium |
| A vulnerability classified as critical has been found in SourceCodester Sanitization Management System. Affected is an unknown function of the file /php-sms/classes/Master.php?f=save_quote. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-213012. | ||||
| CVE-2022-3877 | 1 Clickstudios | 1 Passwordstate | 2024-08-03 | 3.5 Low |
| A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected is an unknown function of the component URL Field Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. VDB-216246 is the identifier assigned to this vulnerability. | ||||