Total
2510 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-44052 | 1 Democritus | 1 D8s-dates | 2024-08-03 | 9.8 Critical |
The d8s-dates for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-timezones package. The affected version of d8s-htm is 0.1.0. | ||||
CVE-2022-44050 | 1 Democritus | 1 D8s-networking | 2024-08-03 | 9.8 Critical |
The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-json package. The affected version of d8s-htm is 0.1.0. | ||||
CVE-2022-44048 | 1 Democritus | 1 D8s-urls | 2024-08-03 | 9.8 Critical |
The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-domains package. The affected version of d8s-htm is 0.1.0. | ||||
CVE-2022-44049 | 1 Democritus | 1 D8s-python | 2024-08-03 | 9.8 Critical |
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-grammars package. The affected version of d8s-htm is 0.1.0. | ||||
CVE-2022-43979 | 1 Pandorafms | 1 Pandora Fms | 2024-08-03 | 5.9 Medium |
There is a Path Traversal that leads to a Local File Inclusion in Pandora FMS v764. A function is called to check that the parameter that the user has inserted does not contain malicious characteres, but this check is insufficient. An attacker could insert an absolute path to overcome the heck, thus being able to incluse any PHP file that resides on the disk. The exploitation of this vulnerability could lead to a remote code execution. | ||||
CVE-2022-43436 | 1 Easy Test Project | 1 Easy Test | 2024-08-03 | 8.8 High |
The File Upload function of EasyTest has insufficient filtering for special characters and file type. A remote attacker authenticated as a general user can upload and execute arbitrary files, to manipulate system or disrupt service. | ||||
CVE-2022-43305 | 1 Democritus | 1 D8s-python | 2024-08-03 | 9.8 Critical |
The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-algorithms package. The affected version of d8s-htm is 0.1.0. | ||||
CVE-2022-43304 | 1 Democritus | 1 D8s-timer | 2024-08-03 | 9.8 Critical |
The d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-uuids package. The affected version of d8s-htm is 0.1.0. | ||||
CVE-2022-43283 | 1 Webassembly | 1 Wabt | 2024-08-03 | 5.5 Medium |
wasm2c v1.0.29 was discovered to contain an abort in CWriter::Write. | ||||
CVE-2022-43306 | 1 Democritus | 1 D8s-timer | 2024-08-03 | 8.8 High |
The d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-dates package. The affected version of d8s-htm is 0.1.0. | ||||
CVE-2022-43085 | 1 Codeastro | 1 Restaurant Pos System | 2024-08-03 | 7.2 High |
An arbitrary file upload vulnerability in add_product.php of Restaurant POS System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | ||||
CVE-2022-43277 | 1 Canteen Management System Project | 1 Canteen Management System | 2024-08-03 | 7.2 High |
Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via ip/youthappam/php_action/editFile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | ||||
CVE-2022-43231 | 1 Canteen Management System Project | 1 Canteen Management System | 2024-08-03 | 7.2 High |
Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /youthappam/manage_website.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | ||||
CVE-2022-43303 | 1 Democritus | 1 D8s-strings | 2024-08-03 | 9.8 Critical |
The d8s-strings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-uuids package. The affected version of d8s-htm is 0.1.0. | ||||
CVE-2022-43275 | 1 Canteen Management System Project | 1 Canteen Management System | 2024-08-03 | 7.2 High |
Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /youthappam/php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | ||||
CVE-2022-43061 | 1 Online Tours \& Travels Management System Project | 1 Online Tours \& Travels Management System | 2024-08-03 | 7.2 High |
Online Tours & Travels Management System v1.0 was discovered to contain an arbitrary file upload vulnerability in the component /operations/travellers.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | ||||
CVE-2022-43265 | 1 Canteen Management System Project | 1 Canteen Management System | 2024-08-03 | 9.8 Critical |
An arbitrary file upload vulnerability in the component /pages/save_user.php of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | ||||
CVE-2022-43234 | 1 Hoosk | 1 Hoosk | 2024-08-03 | 9.8 Critical |
An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file. | ||||
CVE-2022-43192 | 1 Dedecms | 1 Dedecms | 2024-08-03 | 6.7 Medium |
An arbitrary file upload vulnerability in the component /dede/file_manage_control.php of Dedecms v5.7.101 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is related to an incomplete fix for CVE-2022-40886. | ||||
CVE-2022-43146 | 1 Canteen Management System Project | 1 Canteen Management System | 2024-08-03 | 7.2 High |
An arbitrary file upload vulnerability in the image upload function of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. |