Vulnerabilities

Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.

Filtering: Group: languages Clear
ID Title
CVE-2022-44290 SQL Injection in sqli (CVE-2022-44290)
SQL injection in sqli (CVE-2022-44290). Successful exploitation can lead to full system takeover.
CVE-2022-44291 SQL Injection in sqli (CVE-2022-44291)
SQL injection in sqli (CVE-2022-44291). Successful exploitation can lead to full system takeover.
CVE-2022-37721 Cross-Site Scripting (XSS) in privilege-escalation (CVE-2022-37721)
cross-site scripting in privilege-escalation (CVE-2022-37721). Successful exploitation can lead to full system takeover.
CVE-2022-37720 Cross-Site Scripting (XSS) in privilege-escalation (CVE-2022-37720)
cross-site scripting in privilege-escalation (CVE-2022-37720). Successful exploitation can lead to full system takeover.
CVE-2022-40842 SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-40842)
SSRF in ssrf (CVE-2022-40842). Confidential information can be exposed externally.
CVE-2022-36180 Cross-Site Scripting (XSS) in fusiondirectory (CVE-2022-36180)
cross-site scripting in fusiondirectory (CVE-2022-36180). Successful exploitation can lead to full system takeover.
CVE-2022-42120 SQL Injection in c (CVE-2022-42120)
SQL injection in c (CVE-2022-42120). Successful exploitation can lead to full system takeover. Exploitable via ``namespace``.
CVE-2022-35156 SQL Injection in sqli (CVE-2022-35156)
SQL injection in sqli (CVE-2022-35156). Successful exploitation can lead to full system takeover.
CVE-2022-40030 SQL Injection in sqli (CVE-2022-40030)
SQL injection in sqli (CVE-2022-40030). Successful exploitation can lead to full system takeover.
CVE-2022-36536 Vulnerability in syncovery (CVE-2022-36536)
vulnerability in syncovery (CVE-2022-36536). Successful exploitation can lead to full system takeover.
CVE-2022-37257 Vulnerability in stealjs (CVE-2022-37257)
vulnerability in stealjs (CVE-2022-37257). Successful exploitation can lead to full system takeover.
CVE-2022-36202 Vulnerability in doctors-appointment-system-project (CVE-2022-36202)
vulnerability in doctors-appointment-system-project (CVE-2022-36202). Successful exploitation can lead to full system takeover.
CVE-2022-37053 TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
CVE-2022-36262 Code Injection in taogogo (CVE-2022-36262)
code injection in taogogo (CVE-2022-36262). Successful exploitation can lead to full system takeover.
CVE-2021-41556 Out-of-Bounds Read in cpp (CVE-2021-41556)
vulnerability in cpp (CVE-2021-41556). Successful exploitation can lead to full system takeover.
CVE-2022-33047 OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.
OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.
CVE-2022-31384 SQL Injection in sqli (CVE-2022-31384)
SQL injection in sqli (CVE-2022-31384). Successful exploitation can lead to full system takeover.
CVE-2022-31382 SQL Injection in sqli (CVE-2022-31382)
SQL injection in sqli (CVE-2022-31382). Successful exploitation can lead to full system takeover.
CVE-2022-31383 SQL Injection in sqli (CVE-2022-31383)
SQL injection in sqli (CVE-2022-31383). Successful exploitation can lead to full system takeover.
CVE-2021-42675 Unrestricted File Upload in kreado (CVE-2021-42675)
vulnerability in kreado (CVE-2021-42675). Successful exploitation can lead to full system takeover.
CVE-2022-32511 Unsafe Deserialization in jmespath (CVE-2022-32511)
vulnerability in jmespath (CVE-2022-32511). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.6.1` or later.
CVE-2022-30490 SQL Injection in sqli (CVE-2022-30490)
SQL injection in sqli (CVE-2022-30490). Successful exploitation can lead to full system takeover.
CVE-2020-25912 XXE (XML External Entity) in dos (CVE-2020-25912)
vulnerability in dos (CVE-2020-25912). Confidential information can be exposed externally.
CVE-2021-41326 Vulnerability in misp-project (CVE-2021-41326)
vulnerability in misp-project (CVE-2021-41326). Successful exploitation can lead to full system takeover.
CVE-2021-39302 SQL Injection in sqli (CVE-2021-39302)
SQL injection in sqli (CVE-2021-39302). Successful exploitation can lead to full system takeover.
CVE-2020-29006 Vulnerability in misp-project (CVE-2020-29006)
vulnerability in misp-project (CVE-2020-29006). Successful exploitation can lead to full system takeover.
CVE-2020-15411 Privilege Escalation in misp-project (CVE-2020-15411)
vulnerability in misp-project (CVE-2020-15411). Successful exploitation can lead to full system takeover.
CVE-2022-29347 Unrestricted File Upload in web-at-rchiv-project (CVE-2022-29347)
vulnerability in web-at-rchiv-project (CVE-2022-29347). Successful exploitation can lead to full system takeover.
CVE-2022-27984 SQL Injection in sqli (CVE-2022-27984)
SQL injection in sqli (CVE-2022-27984). Successful exploitation can lead to full system takeover.
CVE-2022-27985 SQL Injection in sqli (CVE-2022-27985)
SQL injection in sqli (CVE-2022-27985). Successful exploitation can lead to full system takeover.
CVE-2022-28093 Vulnerability in online-sports-complex-booking-system-project (CVE-2022-28093)
vulnerability in online-sports-complex-booking-system-project (CVE-2022-28093). Successful exploitation can lead to full system takeover.
CVE-2021-37291 SQL Injection in sqli (CVE-2021-37291)
SQL injection in sqli (CVE-2021-37291). Successful exploitation can lead to full system takeover.
CVE-2022-26645 Unrestricted File Upload in oretnom23 (CVE-2022-26645)
vulnerability in oretnom23 (CVE-2022-26645). Successful exploitation can lead to full system takeover.
CVE-2021-45834 Unrestricted File Upload in opendocman (CVE-2021-45834)
vulnerability in opendocman (CVE-2021-45834). Successful exploitation can lead to full system takeover.
CVE-2021-44087 Vulnerability in attendance-and-payroll-system-project (CVE-2021-44087)
vulnerability in attendance-and-payroll-system-project (CVE-2021-44087). Successful exploitation can lead to full system takeover.
CVE-2021-42216 A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.
A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.
CVE-2021-28860 Vulnerability in dos (CVE-2021-28860)
vulnerability in dos (CVE-2021-28860). Data can be tampered with by attackers.
CVE-2021-30246 Vulnerability in kjur (CVE-2021-30246)
vulnerability in kjur (CVE-2021-30246). Confidential information can be exposed externally.
CVE-2020-24913 SQL Injection in c (CVE-2020-24913)
SQL injection in c (CVE-2020-24913). Successful exploitation can lead to full system takeover.
CVE-2020-24914 Unsafe Deserialization in qcubed (CVE-2020-24914)
vulnerability in qcubed (CVE-2020-24914). Successful exploitation can lead to full system takeover.
CVE-2020-14967 Buffer Overflow in kjur (CVE-2020-14967)
vulnerability in kjur (CVE-2020-14967). Successful exploitation can lead to full system takeover.
CVE-2020-14968 Buffer Overflow in kjur (CVE-2020-14968)
vulnerability in kjur (CVE-2020-14968). Successful exploitation can lead to full system takeover.
CVE-2019-19634 Unrestricted File Upload in csharp (CVE-2019-19634)
vulnerability in csharp (CVE-2019-19634). Successful exploitation can lead to full system takeover.
CVE-2019-19576 Unrestricted File Upload in csharp (CVE-2019-19576)
vulnerability in csharp (CVE-2019-19576). Successful exploitation can lead to full system takeover.
CVE-2018-16988 Vulnerability in buffalo (CVE-2018-16988)
vulnerability in buffalo (CVE-2018-16988). Successful exploitation can lead to full system takeover.
CVE-2018-12649 Vulnerability in misp-project (CVE-2018-12649)
vulnerability in misp-project (CVE-2018-12649). Successful exploitation can lead to full system takeover.
CVE-2017-8046 Vulnerability in spring (CVE-2017-8046)
vulnerability in spring (CVE-2017-8046). Successful exploitation can lead to full system takeover.
CVE-2017-17992 Path Traversal in path-traversal (CVE-2017-17992)
path traversal in path-traversal (CVE-2017-17992). Successful exploitation can lead to full system takeover.
CVE-2014-3630 XXE (XML External Entity) in dos (CVE-2014-3630)
vulnerability in dos (CVE-2014-3630). Successful exploitation can lead to full system takeover.
CVE-2017-17957 PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter.
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter.

🍪 About cookies

We use cookies to keep you logged in, remember your language, and improve the service.

Details →