Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2022-44290 |
|
SQL Injection in sqli (CVE-2022-44290)
SQL injection in sqli (CVE-2022-44290). Successful exploitation can lead to full system takeover.
|
| CVE-2022-44291 |
|
SQL Injection in sqli (CVE-2022-44291)
SQL injection in sqli (CVE-2022-44291). Successful exploitation can lead to full system takeover.
|
| CVE-2022-37721 |
|
Cross-Site Scripting (XSS) in privilege-escalation (CVE-2022-37721)
cross-site scripting in privilege-escalation (CVE-2022-37721). Successful exploitation can lead to full system takeover.
|
| CVE-2022-37720 |
|
Cross-Site Scripting (XSS) in privilege-escalation (CVE-2022-37720)
cross-site scripting in privilege-escalation (CVE-2022-37720). Successful exploitation can lead to full system takeover.
|
| CVE-2022-40842 |
|
SSRF (Server-Side Request Forgery) in ssrf (CVE-2022-40842)
SSRF in ssrf (CVE-2022-40842). Confidential information can be exposed externally.
|
| CVE-2022-36180 |
|
Cross-Site Scripting (XSS) in fusiondirectory (CVE-2022-36180)
cross-site scripting in fusiondirectory (CVE-2022-36180). Successful exploitation can lead to full system takeover.
|
| CVE-2022-42120 |
|
SQL Injection in c (CVE-2022-42120)
SQL injection in c (CVE-2022-42120). Successful exploitation can lead to full system takeover. Exploitable via ``namespace``.
|
| CVE-2022-35156 |
|
SQL Injection in sqli (CVE-2022-35156)
SQL injection in sqli (CVE-2022-35156). Successful exploitation can lead to full system takeover.
|
| CVE-2022-40030 |
|
SQL Injection in sqli (CVE-2022-40030)
SQL injection in sqli (CVE-2022-40030). Successful exploitation can lead to full system takeover.
|
| CVE-2022-36536 |
|
Vulnerability in syncovery (CVE-2022-36536)
vulnerability in syncovery (CVE-2022-36536). Successful exploitation can lead to full system takeover.
|
| CVE-2022-37257 |
|
Vulnerability in stealjs (CVE-2022-37257)
vulnerability in stealjs (CVE-2022-37257). Successful exploitation can lead to full system takeover.
|
| CVE-2022-36202 |
|
Vulnerability in doctors-appointment-system-project (CVE-2022-36202)
vulnerability in doctors-appointment-system-project (CVE-2022-36202). Successful exploitation can lead to full system takeover.
|
| CVE-2022-37053 |
|
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
TRENDnet TEW733GR v1.03B01 is vulnerable to Command injection via /htdocs/upnpinc/gena.php.
|
| CVE-2022-36262 |
|
Code Injection in taogogo (CVE-2022-36262)
code injection in taogogo (CVE-2022-36262). Successful exploitation can lead to full system takeover.
|
| CVE-2021-41556 |
|
Out-of-Bounds Read in cpp (CVE-2021-41556)
vulnerability in cpp (CVE-2021-41556). Successful exploitation can lead to full system takeover.
|
| CVE-2022-33047 |
|
OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.
OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.
|
| CVE-2022-31384 |
|
SQL Injection in sqli (CVE-2022-31384)
SQL injection in sqli (CVE-2022-31384). Successful exploitation can lead to full system takeover.
|
| CVE-2022-31382 |
|
SQL Injection in sqli (CVE-2022-31382)
SQL injection in sqli (CVE-2022-31382). Successful exploitation can lead to full system takeover.
|
| CVE-2022-31383 |
|
SQL Injection in sqli (CVE-2022-31383)
SQL injection in sqli (CVE-2022-31383). Successful exploitation can lead to full system takeover.
|
| CVE-2021-42675 |
|
Unrestricted File Upload in kreado (CVE-2021-42675)
vulnerability in kreado (CVE-2021-42675). Successful exploitation can lead to full system takeover.
|
| CVE-2022-32511 |
|
Unsafe Deserialization in jmespath (CVE-2022-32511)
vulnerability in jmespath (CVE-2022-32511). Successful exploitation can lead to full system takeover. Mitigation: upgrade to `1.6.1` or later.
|
| CVE-2022-30490 |
|
SQL Injection in sqli (CVE-2022-30490)
SQL injection in sqli (CVE-2022-30490). Successful exploitation can lead to full system takeover.
|
| CVE-2020-25912 |
|
XXE (XML External Entity) in dos (CVE-2020-25912)
vulnerability in dos (CVE-2020-25912). Confidential information can be exposed externally.
|
| CVE-2021-41326 |
|
Vulnerability in misp-project (CVE-2021-41326)
vulnerability in misp-project (CVE-2021-41326). Successful exploitation can lead to full system takeover.
|
| CVE-2021-39302 |
|
SQL Injection in sqli (CVE-2021-39302)
SQL injection in sqli (CVE-2021-39302). Successful exploitation can lead to full system takeover.
|
| CVE-2020-29006 |
|
Vulnerability in misp-project (CVE-2020-29006)
vulnerability in misp-project (CVE-2020-29006). Successful exploitation can lead to full system takeover.
|
| CVE-2020-15411 |
|
Privilege Escalation in misp-project (CVE-2020-15411)
vulnerability in misp-project (CVE-2020-15411). Successful exploitation can lead to full system takeover.
|
| CVE-2022-29347 |
|
Unrestricted File Upload in web-at-rchiv-project (CVE-2022-29347)
vulnerability in web-at-rchiv-project (CVE-2022-29347). Successful exploitation can lead to full system takeover.
|
| CVE-2022-27984 |
|
SQL Injection in sqli (CVE-2022-27984)
SQL injection in sqli (CVE-2022-27984). Successful exploitation can lead to full system takeover.
|
| CVE-2022-27985 |
|
SQL Injection in sqli (CVE-2022-27985)
SQL injection in sqli (CVE-2022-27985). Successful exploitation can lead to full system takeover.
|
| CVE-2022-28093 |
|
Vulnerability in online-sports-complex-booking-system-project (CVE-2022-28093)
vulnerability in online-sports-complex-booking-system-project (CVE-2022-28093). Successful exploitation can lead to full system takeover.
|
| CVE-2021-37291 |
|
SQL Injection in sqli (CVE-2021-37291)
SQL injection in sqli (CVE-2021-37291). Successful exploitation can lead to full system takeover.
|
| CVE-2022-26645 |
|
Unrestricted File Upload in oretnom23 (CVE-2022-26645)
vulnerability in oretnom23 (CVE-2022-26645). Successful exploitation can lead to full system takeover.
|
| CVE-2021-45834 |
|
Unrestricted File Upload in opendocman (CVE-2021-45834)
vulnerability in opendocman (CVE-2021-45834). Successful exploitation can lead to full system takeover.
|
| CVE-2021-44087 |
|
Vulnerability in attendance-and-payroll-system-project (CVE-2021-44087)
vulnerability in attendance-and-payroll-system-project (CVE-2021-44087). Successful exploitation can lead to full system takeover.
|
| CVE-2021-42216 |
|
A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.
A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.
|
| CVE-2021-28860 |
|
Vulnerability in dos (CVE-2021-28860)
vulnerability in dos (CVE-2021-28860). Data can be tampered with by attackers.
|
| CVE-2021-30246 |
|
Vulnerability in kjur (CVE-2021-30246)
vulnerability in kjur (CVE-2021-30246). Confidential information can be exposed externally.
|
| CVE-2020-24913 |
|
SQL Injection in c (CVE-2020-24913)
SQL injection in c (CVE-2020-24913). Successful exploitation can lead to full system takeover.
|
| CVE-2020-24914 |
|
Unsafe Deserialization in qcubed (CVE-2020-24914)
vulnerability in qcubed (CVE-2020-24914). Successful exploitation can lead to full system takeover.
|
| CVE-2020-14967 |
|
Buffer Overflow in kjur (CVE-2020-14967)
vulnerability in kjur (CVE-2020-14967). Successful exploitation can lead to full system takeover.
|
| CVE-2020-14968 |
|
Buffer Overflow in kjur (CVE-2020-14968)
vulnerability in kjur (CVE-2020-14968). Successful exploitation can lead to full system takeover.
|
| CVE-2019-19634 |
|
Unrestricted File Upload in csharp (CVE-2019-19634)
vulnerability in csharp (CVE-2019-19634). Successful exploitation can lead to full system takeover.
|
| CVE-2019-19576 |
|
Unrestricted File Upload in csharp (CVE-2019-19576)
vulnerability in csharp (CVE-2019-19576). Successful exploitation can lead to full system takeover.
|
| CVE-2018-16988 |
|
Vulnerability in buffalo (CVE-2018-16988)
vulnerability in buffalo (CVE-2018-16988). Successful exploitation can lead to full system takeover.
|
| CVE-2018-12649 |
|
Vulnerability in misp-project (CVE-2018-12649)
vulnerability in misp-project (CVE-2018-12649). Successful exploitation can lead to full system takeover.
|
| CVE-2017-8046 |
|
Vulnerability in spring (CVE-2017-8046)
vulnerability in spring (CVE-2017-8046). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17992 |
|
Path Traversal in path-traversal (CVE-2017-17992)
path traversal in path-traversal (CVE-2017-17992). Successful exploitation can lead to full system takeover.
|
| CVE-2014-3630 |
|
XXE (XML External Entity) in dos (CVE-2014-3630)
vulnerability in dos (CVE-2014-3630). Successful exploitation can lead to full system takeover.
|
| CVE-2017-17957 |
|
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter.
PHP Scripts Mall PHP Multivendor Ecommerce has SQL Injection via the my_wishlist.php fid parameter.
|