CNA 2022

VulDB is officially certified as a CVE Numbering Authority (CNA) by MITRE and as an Authorized Data Publisher (ADP) by NIST NVD. We are authorized to handle new vulnerability submissions, assign unique CVEs and disclose them. CVE is an international program to discover vulnerabilities, which are then assigned and published to the CVE list. Partners coordinate such CVE entries to communicate consistent descriptions. Information technology and cybersecurity professionals all around the world use CVE records to ensure they are discussing the same issues, and to coordinate their efforts to prioritize and address them properly.

Vendor

Identifying all affected vendors is a good starting point for an overview. This makes it possible to determine a homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Product

Linux Kernel: 44
Axiomatic Bento4: 22
SourceCodester Human Resource Management System: 12
SourceCodester Gym Management System: 12
SourceCodester Sanitization Management System: 11

Grouping vulnerabilities by product helps to get an overview. This makes it possible to determine a homogeneous landscape or the most important hotspots in heterogeneous landscapes.

Remediation

Official Fix: 224
Temporary Fix: 0
Workaround: 6
Unavailable: 1
Not Defined: 376

Vendors and researchers are eager to find countermeasures to mitigate security vulnerabilities. These come in multiple forms and levels of remediation, which influence risks differently.

Exploitability

High: 0
Functional: 4
Proof-of-Concept: 399
Unproven: 0
Not Defined: 204

Researchers and attackers who are looking for security vulnerabilities try to exploit them for academic purposes or personal gain. The level and quality of exploitability can be distinguished to determine the simplicity and strength of attacks.

Access Vector

Not Defined: 0
Physical: 1
Local: 12
Adjacent: 75
Network: 519

To approach a vulnerability, it is important to use the expected access vector. This is typically via the network, locally, or even physically.

Authentication

Not Defined: 0
High: 52
Low: 392
None: 163

To exploit a vulnerability, a certain level of authentication might be required. Vulnerabilities without such a requirement are much more popular.

User Interaction

Not Defined: 0
Required: 267
None: 340

Some attack scenarios require user interaction by a victim. This is typical for phishing, social engineering and cross site scripting attacks.

VulDB

≤1: 0
≤2: 1
≤3: 43
≤4: 187
≤5: 108
≤6: 63
≤7: 152
≤8: 53
≤9: 0
≤10: 0

The moderation team always defines the base vector and base score for an entry. These and all other available scores are used to generate the meta score.

Exploit 0-day

<1k: 158
<2k: 344
<5k: 83
<10k: 8
<25k: 14
<50k: 0
<100k: 0
≥100k: 0

The moderation team works with the threat intelligence team to determine prices for exploits. Our unique algorithm is used to identify the 0-day price for an exploit, before it got distributed or became public. Calculated prices are aligned to prices disclosed by vulnerability brokers and compared to prices we see on exploit markets.

| ID | Vulnerability | Scope | Responsible | Submission | Created | Updated | CVE | Submit | CNA |
|---|---|---|---|---|---|---|---|---|---|
| 258782 | sequentech admin-console Election Description cross site scripting | VulDB | VulDB | | 03/30/2024 | 03/30/2024 | CVE-2022-4966 | | accepted |
| 257516 | Folio Spring Module Core Schema Name HibernateSchemaService.java dropSchema sql injection | VulDB | VulDB | | 03/20/2024 | 03/20/2024 | CVE-2022-4963 | | accepted |
| 250430 | Apollo Configuration Center users improper authorization [Disputed] | VulDB | VulDB | 01/08/2024 | 01/11/2024 | 01/30/2024 | CVE-2022-4962 | 263670 | accepted |
| 250243 | Weitong Mall OrderDao.xml sql injection | VulDB | VulDB | 01/08/2024 | 01/10/2024 | 01/28/2024 | CVE-2022-4961 | 263668 | accepted |
| 250238 | cloudfavorites favorites-web Nickname cross site scripting | VulDB | VulDB | 01/08/2024 | 01/10/2024 | 01/28/2024 | CVE-2022-4960 | 263667 | accepted |
| 250237 | qkmc-rk redbbs Nickname cross site scripting | VulDB | VulDB | 01/08/2024 | 01/10/2024 | 01/28/2024 | CVE-2022-4959 | 263665 | accepted |
| 250236 | qkmc-rk redbbs Post cross site scripting | VulDB | VulDB | 01/08/2024 | 01/10/2024 | 01/28/2024 | CVE-2022-4958 | 263666 | accepted |
| 246643 | librespeed speedtest stats.php cross site scripting | VulDB | VulDB | | 12/02/2023 | 12/22/2023 | CVE-2022-4957 | | accepted |
| 240903 | Caphyon Advanced Installer WinSxS DLL uncontrolled search path | VulDB | VulDB | 09/23/2023 | 09/29/2023 | 10/22/2023 | CVE-2022-4956 | 212095 | accepted |
| 234238 | OmniSharp csharp-language-server-protocol JSON Serializer SerializerBase.cs CreateSerializerSettings resource consumption | VulDB | VulDB | | 07/15/2023 | 08/06/2023 | CVE-2022-4952 | | accepted |
| 227000 | kalcaddle KodExplorer cross-site request forgery | VulDB | VulDB | 04/21/2023 | 04/21/2023 | 05/15/2023 | CVE-2022-4944 | 116770 | accepted |
| 226310 | mportuga eslint-detailed-reporter template-generator.js renderIssue cross site scripting | VulDB | VulDB | | 04/18/2023 | 05/09/2023 | CVE-2022-4942 | | accepted |
| 223382 | ATM Consulting dolibarr_module_quicksupplierprice interface.php upatePrice sql injection | VulDB | VulDB | | 03/18/2023 | 04/11/2023 | CVE-2022-4933 | | accepted |
| 222319 | nuxsmin sysPass URL cross site scripting | VulDB | VulDB | | 03/04/2023 | 03/31/2023 | CVE-2022-4930 | | accepted |
| 222290 | icplayer tts-utils.js cross site scripting | VulDB | VulDB | | 03/03/2023 | 03/31/2023 | CVE-2022-4929 | | accepted |
| 222289 | icplayer presenter.js AddonText_Selection_create cross site scripting | VulDB | VulDB | | 03/03/2023 | 03/31/2023 | CVE-2022-4928 | | accepted |
| 222287 | ualbertalib NEOSDiscovery _refworks.html.erb reverse tabnabbing | VulDB | VulDB | | 03/03/2023 | 03/31/2023 | CVE-2022-4927 | | accepted |
| 220750 | UDX Stateless Media Plugin class-settings.php setup_wizard_interface cross site scripting | VulDB | VulDB | | 02/12/2023 | 03/10/2023 | CVE-2022-4905 | | accepted |
| 220470 | CodenameOne implicit intent | VulDB | VulDB | | 02/09/2023 | 03/09/2023 | CVE-2022-4903 | | accepted |
| 220212 | eXo Chat Application Mention ExoChatMessageComposer.vue cross site scripting | VulDB | VulDB | | 02/05/2023 | 03/05/2023 | CVE-2022-4902 | | accepted |
| 219253 | Apple macOS Vim use after free | VulDB | VulDB | | 01/24/2023 | 02/19/2023 | CVE-2022-3705 | | accepted |
| 218895 | MyCMS Visitors Module view.php build_view cross site scripting | VulDB | VulDB | | 01/18/2023 | 02/15/2023 | CVE-2022-4892 | | accepted |
| 218452 | Sisimai string.rb to_plain redos | VulDB | VulDB | | 01/16/2023 | 02/09/2023 | CVE-2022-4891 | | accepted |
| 218387 | abhilash1985 PredictApp Cookie new_framework_defaults_7_0.rb deserialization | VulDB | VulDB | | 01/15/2023 | 02/07/2023 | CVE-2022-4890 | | accepted |
| 218377 | visegripped Stracker api.php getHistory sql injection | VulDB | VulDB | | 01/14/2023 | 02/07/2023 | CVE-2022-4889 | | accepted |
| 218020 | sviehb jefferson path traversal | VulDB | VulDB | | 01/11/2023 | 02/04/2023 | CVE-2022-4885 | | accepted |
| 217664 | kaltura mwEmbed Share Plugin share.js cross site scripting | VulDB | VulDB | | 01/09/2023 | 01/30/2023 | CVE-2022-4882 | | accepted |
| 217646 | CapsAdmin PAC3 http.lua cross site scripting | VulDB | VulDB | | 01/08/2023 | 01/30/2023 | CVE-2022-4881 | | accepted |
| 217617 | stakira OpenUtau ZIP Archive VoicebankInstaller.cs VoicebankInstaller path traversal | VulDB | VulDB | | 01/07/2023 | 01/29/2023 | CVE-2022-4880 | | accepted |
| 217555 | Forged Alliance Forever Vote improper authorization | VulDB | VulDB | | 01/06/2023 | 01/29/2023 | CVE-2022-4879 | | accepted |
| 217548 | JATOS ZIP ZipUtil.java ZipUtil path traversal | VulDB | VulDB | | 01/06/2023 | 01/29/2023 | CVE-2022-4878 | | accepted |
| 217444 | snoyberg keter Proxy.hs cross site scripting | VulDB | VulDB | | 01/05/2023 | 01/28/2023 | CVE-2022-4877 | | accepted |
| 217438 | Evolution Events Artaxerxes POST Parameter middleware.py information disclosure | VulDB | VulDB | | 01/05/2023 | 01/28/2023 | CVE-2022-4869 | | accepted |
| 217427 | Kaltura mwEmbed DefaultSettings.php cross site scripting | VulDB | VulDB | | 01/04/2023 | 01/28/2023 | CVE-2022-4876 | | accepted |
| 217426 | fossology cross site scripting | VulDB | VulDB | | 01/04/2023 | 01/28/2023 | CVE-2022-4875 | | accepted |
| 217270 | ummmmm nflpick-em.com LoadUsers.php _Load_Users sql injection | VulDB | VulDB | | 01/03/2023 | 01/27/2023 | CVE-2022-4871 | | accepted |
| 217059 | KBase Metrics methods_upload_user_stats.py upload_user_data sql injection | VulDB | VulDB | | 12/30/2022 | 01/26/2023 | CVE-2022-4860 | | accepted |
| 217055 | Joget User Profile Menu UserProfileMenu.java submitForm cross site scripting | VulDB | VulDB | | 12/30/2022 | 01/26/2023 | CVE-2022-4859 | | accepted |
| 217022 | Modbus Tools Modbus Poll mbp File mbpoll.exe buffer overflow | VulDB | VulDB | 12/30/2022 | 12/30/2022 | 01/26/2023 | CVE-2022-4857 | 61270 | accepted |
| 217021 | Modbus Tools Modbus Slave mbs File mbslave.exe buffer overflow | VulDB | VulDB | 12/30/2022 | 12/30/2022 | 01/26/2023 | CVE-2022-4856 | 61263 | accepted |
| 217020 | SourceCodester Lead Management System login.php sql injection | VulDB | VulDB | 12/30/2022 | 12/30/2022 | 01/26/2023 | CVE-2022-4855 | 61219 | accepted |
| 217002 | InSTEDD Nuntium geopoll_controller.rb timing discrepancy | VulDB | VulDB | | 12/28/2022 | 01/26/2023 | CVE-2022-4823 | | accepted |
| 217001 | FlatPress Setup main.lib.php cross site scripting | VulDB | VulDB | | 12/28/2022 | 05/13/2023 | CVE-2022-4822 | | accepted |
| 217000 | FlatPress XML File Handler/MD File admin.uploader.php onupload cross site scripting | VulDB | VulDB | | 12/28/2022 | 07/04/2023 | CVE-2022-4821 | | accepted |
| 216999 | FlatPress Admin Area admin.entry.list.php cross site scripting | VulDB | VulDB | | 12/28/2022 | 01/26/2023 | CVE-2022-4820 | | accepted |
| 216998 | HotCRP cross site scripting | VulDB | VulDB | | 12/28/2022 | 01/26/2023 | CVE-2022-4819 | | accepted |
| 216997 | Talend Open Studio for MDM SystemStorageWrapper.java xml external entity reference | VulDB | VulDB | | 12/28/2022 | 01/26/2023 | CVE-2022-4818 | | accepted |
| 216988 | centic9 jgit-cookbook temp file | VulDB | VulDB | | 12/28/2022 | 01/25/2023 | CVE-2022-4817 | | accepted |
| 216919 | cloudsync LocalFilesystemConnector.java getItem path traversal | VulDB | VulDB | | 12/28/2022 | 01/25/2023 | CVE-2022-4773 | | accepted |
| 216914 | Widoco WidocoUtils.java unZipIt path traversal | VulDB | VulDB | | 12/27/2022 | 01/25/2023 | CVE-2022-4772 | | accepted |
| 216906 | Dropbox merou SSH Public Key public_key.py add_public_key injection | VulDB | VulDB | | 12/27/2022 | 01/25/2023 | CVE-2022-4768 | | accepted |
| 216880 | dolibarr_project_timesheet Form cross-site request forgery | VulDB | VulDB | | 12/27/2022 | 01/25/2023 | CVE-2022-4766 | | accepted |
| 216869 | FlatPress Media Manager Plugin panel.mediamanager.file.php main cross site scripting | VulDB | VulDB | | 12/27/2022 | 05/13/2023 | CVE-2022-4755 | | accepted |
| 216861 | FlatPress File Delete panel.mediamanager.file.php doItemActions path traversal | VulDB | VulDB | | 12/27/2022 | 05/13/2023 | CVE-2022-4748 | | accepted |
| 216794 | json-pointer index.js set prototype pollution | VulDB | VulDB | | 12/26/2022 | 04/04/2024 | CVE-2022-4742 | | accepted |
| 216779 | docconv XMLToText memory allocation | VulDB | VulDB | | 12/25/2022 | 01/24/2023 | CVE-2022-4741 | | accepted |
| 216776 | kkFileView picturesPreview setWatermarkAttribute cross site scripting | VulDB | VulDB | | 12/25/2022 | 01/24/2023 | CVE-2022-4740 | | accepted |
| 216775 | SourceCodester School Dormitory Management System Admin Login sql injection | VulDB | VulDB | 12/22/2022 | 12/25/2022 | 01/24/2023 | CVE-2022-4739 | 59422 | accepted |
| 216774 | SourceCodester Blood Bank Management System User Registration cross site scripting | VulDB | VulDB | 12/22/2022 | 12/25/2022 | 01/24/2023 | CVE-2022-4738 | 59419 | accepted |
| 216773 | SourceCodester Blood Bank Management System login.php sql injection | VulDB | VulDB | 12/22/2022 | 12/25/2022 | 01/24/2023 | CVE-2022-4737 | 59418 | accepted |
| 216770 | Venganzas del Pasado cross site scripting | VulDB | VulDB | | 12/25/2022 | 01/24/2023 | CVE-2022-4736 | | accepted |
| 216766 | asrashley dash-live DOM Node media.js ready cross site scripting | VulDB | VulDB | | 12/25/2022 | 01/24/2023 | CVE-2022-4735 | | accepted |
| 216750 | myapnea Title cross site scripting | VulDB | VulDB | | 12/24/2022 | 01/24/2023 | CVE-2022-4731 | | accepted |
| 216744 | Graphite Web Absolute Time Range cross site scripting | VulDB | VulDB | | 12/24/2022 | 01/24/2023 | CVE-2022-4730 | | accepted |
| 216743 | Graphite Web Template Name cross site scripting | VulDB | VulDB | | 12/24/2022 | 01/24/2023 | CVE-2022-4729 | | accepted |
| 216742 | Graphite Web Cookie cross site scripting | VulDB | VulDB | | 12/24/2022 | 01/24/2023 | CVE-2022-4728 | | accepted |
| 216741 | OpenMRS Appointment Scheduling Module Notes AppointmentRequest.java getNotes cross site scripting | VulDB | VulDB | | 12/24/2022 | 01/24/2023 | CVE-2022-4727 | | accepted |
| 216739 | SourceCodester Sanitization Management System Admin Login sql injection | VulDB | VulDB | 12/24/2022 | 12/24/2022 | 01/24/2023 | CVE-2022-4726 | 59872 | accepted |
| 216737 | AWS SDK XML Parser XpathUtils.java XpathUtils server-side request forgery | VulDB | VulDB | | 12/24/2022 | 01/24/2023 | CVE-2022-4725 | | accepted |
| 216502 | docconv pdf_ocr.go ConvertPDFImages os command injection | VulDB | VulDB | | 12/21/2022 | 01/22/2023 | CVE-2022-4643 | | accepted |
| 216501 | tatoeba2 Profile Name cross site scripting | VulDB | VulDB | | 12/21/2022 | 01/22/2023 | CVE-2022-4642 | | accepted |
| 216500 | pig-vector LogisticRegression.java LogisticRegression temp file | VulDB | VulDB | | 12/21/2022 | 01/22/2023 | CVE-2022-4641 | | accepted |
| 216499 | Mingsoft MCMS Article save cross site scripting | VulDB | VulDB | | 12/21/2022 | 01/22/2023 | CVE-2022-4640 | | accepted |
| 216497 | sslh Packet Dumping probe.c hexdump format string | VulDB | VulDB | | 12/21/2022 | 01/22/2023 | CVE-2022-4639 | | accepted |
| 216496 | collective.contact.widget widgets.py title cross site scripting | VulDB | VulDB | | 12/21/2022 | 01/22/2023 | CVE-2022-4638 | | accepted |
| 216495 | ep3-bs cross site scripting | VulDB | VulDB | | 12/21/2022 | 01/22/2023 | CVE-2022-4637 | | accepted |
| 216482 | Auto Upload Images Settings setting-page.php cross-site request forgery | VulDB | VulDB | | 12/21/2022 | 01/22/2023 | CVE-2022-4633 | | accepted |
| 216481 | Auto Upload Images cross site scripting | VulDB | VulDB | | 12/21/2022 | 01/22/2023 | CVE-2022-4632 | | accepted |
| 216480 | WP-Ban ban-options.php cross site scripting | VulDB | VulDB | | 12/21/2022 | 01/22/2023 | CVE-2022-4631 | | accepted |
| 216275 | Click Studios Passwordstate Browser Extension Provisioning improper authorization | VulDB | VulDB | | 12/19/2022 | 01/15/2023 | CVE-2022-4613 | | accepted |
| 216274 | Click Studios Passwordstate insufficiently protected credentials | VulDB | VulDB | | 12/19/2022 | 01/15/2023 | CVE-2022-4612 | | accepted |
| 216273 | Click Studios Passwordstate hard-coded credentials | VulDB | VulDB | | 12/19/2022 | 01/15/2023 | CVE-2022-4611 | | accepted |
| 216272 | Click Studios Passwordstate risky encryption | VulDB | VulDB | | 12/19/2022 | 01/15/2023 | CVE-2022-4610 | | accepted |
| 216246 | Click Studios Passwordstate URL Field cross site scripting | VulDB | VulDB | | 12/19/2022 | 01/15/2023 | CVE-2022-3877 | | accepted |
| 216245 | Click Studios Passwordstate API authorization | VulDB | VulDB | | 12/19/2022 | 01/15/2023 | CVE-2022-3876 | | accepted |
| 216244 | Click Studios Passwordstate API authentication bypass by assumed-immutable data | VulDB | VulDB | | 12/19/2022 | 01/15/2023 | CVE-2022-3875 | | accepted |
| 216215 | 3D City Database OGC Web Feature Service xml external entity reference | VulDB | VulDB | | 12/18/2022 | 01/15/2023 | CVE-2022-4607 | | accepted |
| 216199 | wp-english-wp-admin Plugin english-wp-admin.php register_endpoints cross-site request forgery | VulDB | VulDB | | 12/18/2022 | 01/15/2023 | CVE-2022-4604 | | accepted |
| 216198 | ppp pppdump pppdump.c dumpppp array index [Disputed] | VulDB | VulDB | | 12/18/2022 | 01/15/2023 | CVE-2022-4603 | | accepted |
| 216197 | Shoplazza LifeStyle Review Flow cross site scripting | VulDB | VulDB | | 12/18/2022 | 01/15/2023 | CVE-2022-4602 | | accepted |
| 216196 | Shoplazza LifeStyle Shipping/Member Discount/Icon cross site scripting | VulDB | VulDB | | 12/18/2022 | 01/15/2023 | CVE-2022-4601 | | accepted |
| 216195 | Shoplazza LifeStyle Product Carousel cross site scripting | VulDB | VulDB | | 12/18/2022 | 01/15/2023 | CVE-2022-4600 | | accepted |
| 216194 | Shoplazza LifeStyle Product cross site scripting | VulDB | VulDB | | 12/18/2022 | 01/15/2023 | CVE-2022-4599 | | accepted |
| 216193 | Shoplazza LifeStyle Announcement cross site scripting | VulDB | VulDB | | 12/18/2022 | 01/15/2023 | CVE-2022-4598 | | accepted |
| 216192 | Shoplazza LifeStyle Create Product v2_products cross site scripting | VulDB | VulDB | | 12/18/2022 | 01/15/2023 | CVE-2022-4597 | | accepted |
| 216191 | Shoplazza LifeStyle Add Blog Post cross site scripting | VulDB | VulDB | | 12/18/2022 | 01/15/2023 | CVE-2022-4596 | | accepted |
| 216189 | django-openipam exposed_hosts.html cross site scripting | VulDB | VulDB | | 12/18/2022 | 01/15/2023 | CVE-2022-4595 | | accepted |
| 216187 | drogatkin TJWS2 WarRoller.java deployWar path traversal | VulDB | VulDB | | 12/18/2022 | 01/15/2023 | CVE-2022-4594 | | accepted |
| 216186 | retra-system cross site scripting | VulDB | VulDB | | 12/18/2022 | 01/15/2023 | CVE-2022-4593 | | accepted |
| 216185 | luckyshot CRMx index.php commentdelete sql injection | VulDB | VulDB | | 12/18/2022 | 01/15/2023 | CVE-2022-4592 | | accepted |
| 216178 | mschaef toto Email Parameter cross site scripting | VulDB | VulDB | | 12/17/2022 | 01/14/2023 | CVE-2022-4591 | | accepted |
| 216177 | mschaef toto Todo List cross site scripting | VulDB | VulDB | | 12/17/2022 | 01/14/2023 | CVE-2022-4590 | | accepted |
| 216175 | cyface Terms and Conditions Module views.py returnTo redirect | VulDB | VulDB | | 12/17/2022 | 01/14/2023 | CVE-2022-4589 | | accepted |
| 216174 | Boston Sleep slice Layout cross site scripting | VulDB | VulDB | | 12/17/2022 | 01/14/2023 | CVE-2022-4588 | | accepted |
| 216173 | Opencaching Deutschland oc-server3 Login Page login.tpl cross site scripting | VulDB | VulDB | | 12/17/2022 | 01/14/2023 | CVE-2022-4587 | | accepted |
| 216172 | Opencaching Deutschland oc-server3 Cachelist cachelists.tpl cross site scripting | VulDB | VulDB | | 12/17/2022 | 01/14/2023 | CVE-2022-4586 | | accepted |
| 216171 | Opencaching Deutschland oc-server3 Cookie start.tpl cross site scripting | VulDB | VulDB | | 12/17/2022 | 01/14/2023 | CVE-2022-4585 | | accepted |
| 216170 | Axiomatic Bento4 mp42aac heap-based overflow | VulDB | VulDB | | 12/17/2022 | 01/26/2023 | CVE-2022-4584 | | accepted |
| 216169 | jLEMS JUtil.java unpackJar path traversal | VulDB | VulDB | | 12/17/2022 | 01/14/2023 | CVE-2022-4583 | | accepted |
| 216168 | starter-public-edition-4 cross site scripting | VulDB | VulDB | | 12/17/2022 | 01/14/2023 | CVE-2022-4582 | | accepted |
| 216167 | 1j01 mind-map app.coffee cross site scripting | VulDB | VulDB | | 12/17/2022 | 01/14/2023 | CVE-2022-4581 | | accepted |
| 216146 | UBI Reader UBIFS File output.py ubireader_extract_files path traversal | VulDB | VulDB | | 12/16/2022 | 01/14/2023 | CVE-2022-4572 | | accepted |
| 215975 | y_project RuoYi GenController sql injection | VulDB | VulDB | | 12/16/2022 | 01/13/2023 | CVE-2022-4566 | | accepted |
| 215974 | Dromara HuTool cn.hutool.core.util.ZipUtil.java resource consumption | VulDB | VulDB | 12/12/2022 | 12/16/2022 | 01/13/2023 | CVE-2022-4565 | 56409 | accepted |
| 215973 | University of Central Florida Materia API Controller api.php before cross-site request forgery | VulDB | VulDB | | 12/16/2022 | 01/13/2023 | CVE-2022-4564 | | accepted |
| 215972 | Freedom of the Press SecureDrop gpg-agent.conf symlink | VulDB | VulDB | | 12/16/2022 | 01/13/2023 | CVE-2022-4563 | | accepted |
| 215964 | SemanticDrilldown Extension GET Parameter SDBrowseDataPage.php printFilterLine cross site scripting | VulDB | VulDB | | 12/16/2022 | 01/13/2023 | CVE-2022-4561 | | accepted |
| 215963 | Joget wflow-core UniversalTheme.java getInternalJsCssLib cross site scripting | VulDB | VulDB | | 12/16/2022 | 01/13/2023 | CVE-2022-4560 | | accepted |
| 215962 | INEX IPX-Manager list.foil.php cross site scripting | VulDB | VulDB | | 12/16/2022 | 01/13/2023 | CVE-2022-4559 | | accepted |
| 215961 | Alinto SOGo Folder/Mail NSString+Utilities.m cross site scripting | VulDB | VulDB | | 12/16/2022 | 01/13/2023 | CVE-2022-4558 | | accepted |
| 215960 | Alinto SOGo Identity SOGoUserDefaults.m _migrateMailIdentities cross site scripting | VulDB | VulDB | | 12/16/2022 | 01/13/2023 | CVE-2022-4556 | | accepted |
| 215907 | collective.task table.py AssignedGroupColumn cross site scripting | VulDB | VulDB | | 12/15/2022 | 01/13/2023 | CVE-2022-4527 | | accepted |
| 215906 | django-photologue Default Template photo_detail.html cross site scripting | VulDB | VulDB | | 12/15/2022 | 01/13/2023 | CVE-2022-4526 | | accepted |
| 215905 | National Sleep Research Resource sleepdata.org cross site scripting | VulDB | VulDB | | 12/15/2022 | 01/13/2023 | CVE-2022-4525 | | accepted |
| 215904 | Roots soil Plugin CleanUpModule.php language_attributes cross site scripting | VulDB | VulDB | | 12/15/2022 | 01/13/2023 | CVE-2022-4524 | | accepted |
| 215903 | vexim2 cross site scripting | VulDB | VulDB | | 12/15/2022 | 01/13/2023 | CVE-2022-4523 | | accepted |
| 215902 | CalendarXP cross site scripting | VulDB | VulDB | | 12/15/2022 | 01/13/2023 | CVE-2022-4522 | | accepted |
| 215901 | WSO2 carbon-registry Request Parameter cross site scripting | VulDB | VulDB | | 12/15/2022 | 01/13/2023 | CVE-2022-4521 | | accepted |
| 215900 | WSO2 carbon-registry Advanced Search advancedSearchForm-ajaxprocessor.jsp cross site scripting | VulDB | VulDB | | 12/15/2022 | 01/13/2023 | CVE-2022-4520 | | accepted |
| 215886 | Opencaching Deutschland oc-server3 varset.inc.php cross site scripting | VulDB | VulDB | | 12/15/2022 | 01/13/2023 | CVE-2022-4514 | | accepted |
| 215885 | European Environment Agency eionet.contreg cross site scripting | VulDB | VulDB | | 12/15/2022 | 01/13/2023 | CVE-2022-4513 | | accepted |
| 215851 | RainyGao DocSys path traversal | VulDB | VulDB | 12/15/2022 | 12/15/2022 | 01/12/2023 | CVE-2022-4511 | 57096 | accepted |
| 215813 | collective.dms.basecontent column.py renderCell cross site scripting | VulDB | VulDB | | 12/14/2022 | 01/12/2023 | CVE-2022-4495 | | accepted |
| 215804 | bspkrs MCPMappingViewer ZIP File RemoteZipHandler.java extractZip path traversal | VulDB | VulDB | | 12/14/2022 | 01/12/2023 | CVE-2022-4494 | | accepted |
| 215803 | scifio ZIP File DefaultSampleFilesService.java downloadAndUnpackResource path traversal | VulDB | VulDB | | 12/14/2022 | 01/12/2023 | CVE-2022-4493 | | accepted |
| 215446 | falling-fruit cross site scripting | VulDB | VulDB | | 12/13/2022 | 01/07/2023 | CVE-2022-4456 | | accepted |
| 215445 | sproctor php-calendar index.php cross site scripting | VulDB | VulDB | | 12/13/2022 | 01/07/2023 | CVE-2022-4455 | | accepted |
| 215444 | m0ver bible-online Search search.java query sql injection | VulDB | VulDB | | 12/13/2022 | 01/07/2023 | CVE-2022-4454 | | accepted |
| 215431 | ipti br.tag cross site scripting | VulDB | VulDB | | 12/13/2022 | 01/07/2023 | CVE-2022-4444 | | accepted |
| 215304 | rAthena FluxCP Service Desk Image URL view.php cross site scripting | VulDB | VulDB | | 12/12/2022 | 01/02/2023 | CVE-2022-4421 | | accepted |
| 215278 | RainyGao DocSys getReposAllUsers.do getReposAllUsers sql injection | VulDB | VulDB | 12/12/2022 | 12/12/2022 | 01/02/2023 | CVE-2022-4416 | 56388 | accepted |
| 215272 | SourceCodester Canteen Management System ajax_represent.php sql injection | VulDB | VulDB | 12/11/2022 | 12/11/2022 | 01/02/2023 | CVE-2022-4403 | 56358 | accepted |
| 215271 | RainyGao DocSys ZIP File Decompression path traversal | VulDB | VulDB | 12/10/2022 | 12/11/2022 | 01/02/2023 | CVE-2022-4402 | 56291 | accepted |
| 215268 | pallidlight online-course-selection-system cross site scripting | VulDB | VulDB | | 12/10/2022 | 01/02/2023 | CVE-2022-4401 | | accepted |
| 215267 | zbl1996 FS-Blog Title cross site scripting | VulDB | VulDB | | 12/10/2022 | 01/02/2023 | CVE-2022-4400 | | accepted |
| 215252 | TicklishHoneyBee nodau db.c sql injection | VulDB | VulDB | | 12/10/2022 | 01/02/2023 | CVE-2022-4399 | | accepted |
| 215250 | morontt zend-blog-number-2 Comment Comment.php cross-site request forgery | VulDB | VulDB | | 12/10/2022 | 01/02/2023 | CVE-2022-4397 | | accepted |
| 215249 | RDFlib pyrdfa3 __init__.py _get_option cross site scripting | VulDB | VulDB | | 12/10/2022 | 01/02/2023 | CVE-2022-4396 | | accepted |
| 215197 | S-CMS Contact Information Page cross site scripting | VulDB | VulDB | 12/09/2022 | 12/09/2022 | 01/02/2023 | CVE-2022-4377 | 56077 | accepted |
| 215196 | Mingsoft MCMS list sql injection | VulDB | VulDB | | 12/09/2022 | 01/02/2023 | CVE-2022-4375 | | accepted |
| 215118 | Teledyne FLIR AX8 Web Service palette.php command injection | VulDB | VulDB | 12/08/2022 | 12/08/2022 | 01/01/2023 | CVE-2022-4364 | 55748 | accepted |
| 215114 | LinZhaoguan pb-cms Message Board comment cross site scripting | VulDB | VulDB | | 12/08/2022 | 01/01/2023 | CVE-2022-4354 | | accepted |
| 215113 | LinZhaoguan pb-cms IpUtil.getIpAddr cross site scripting | VulDB | VulDB | | 12/08/2022 | 01/01/2023 | CVE-2022-4353 | | accepted |
| 215112 | Mingsoft MCMS search.do cross site scripting | VulDB | VulDB | | 12/08/2022 | 01/01/2023 | CVE-2022-4350 | | accepted |
| 215109 | CTF-hacker pwn delete.html cross-site request forgery | VulDB | VulDB | | 12/08/2022 | 01/01/2023 | CVE-2022-4349 | | accepted |
| 215108 | y_project RuoYi-Cloud JSON cross site scripting | VulDB | VulDB | | 12/08/2022 | 01/01/2023 | CVE-2022-4348 | | accepted |
| 215107 | xiandafu beetl-bbs WebUtils.java cross site scripting | VulDB | VulDB | | 12/08/2022 | 01/01/2023 | CVE-2022-4347 | | accepted |
| 215095 | csliuwy coder-chain_gdut cross site scripting | VulDB | VulDB | | 12/07/2022 | 01/01/2023 | CVE-2022-4341 | | accepted |
| 215013 | maku-boot Scheduled Task AbstractScheduleJob.java doExecute injection | VulDB | VulDB | 12/07/2022 | 12/07/2022 | 12/31/2022 | CVE-2022-4322 | 55024 | accepted |
| 214901 | FastCMS Template edit injection | VulDB | VulDB | 12/06/2022 | 12/06/2022 | 12/31/2022 | CVE-2022-4300 | 54917 | accepted |
| 214812 | TP-Link TL-WR740N ARP resource consumption | VulDB | VulDB | 12/05/2022 | 12/06/2022 | 12/26/2022 | CVE-2022-4296 | 54843 | accepted |
| 214790 | SpringBootCMS Template Management injection | VulDB | VulDB | 12/05/2022 | 12/05/2022 | 12/26/2022 | CVE-2022-4282 | 54725 | accepted |
| 214789 | Facepay camera.php authorization | VulDB | VulDB | 12/04/2022 | 12/05/2022 | 12/26/2022 | CVE-2022-4281 | 54699 | accepted |
| 214778 | Dot Tech Smart Campus System findUser information disclosure | VulDB | VulDB | 12/02/2022 | 12/03/2022 | 12/26/2022 | CVE-2022-4280 | 54255 | accepted |
| 214776 | SourceCodester Human Resource Management System employeeview.php cross site scripting | VulDB | VulDB | 12/02/2022 | 12/03/2022 | 12/26/2022 | CVE-2022-4279 | 54225 | accepted |
| 214775 | SourceCodester Human Resource Management System employeeadd.php sql injection | VulDB | VulDB | 12/02/2022 | 12/03/2022 | 12/26/2022 | CVE-2022-4278 | 54230 | accepted |
| 214774 | Shaoxing Background Management System Bd sql injection | VulDB | VulDB | 12/02/2022 | 12/03/2022 | 12/26/2022 | CVE-2022-4277 | 54213 | accepted |
| 214772 | House Rental System POST Request tenant-engine.php unrestricted upload | VulDB | VulDB | 12/02/2022 | 12/03/2022 | 12/26/2022 | CVE-2022-4276 | 54210 | accepted |
| 214771 | House Rental System POST Request search-property.php sql injection | VulDB | VulDB | 12/02/2022 | 12/03/2022 | 12/26/2022 | CVE-2022-4275 | 54209 | accepted |
| 214770 | House Rental System view-property.php sql injection | VulDB | VulDB | 12/02/2022 | 12/03/2022 | 12/26/2022 | CVE-2022-4274 | 54208 | accepted |
| 214769 | SourceCodester Human Resource Management System Content-Type employee.php unrestricted upload | VulDB | VulDB | 12/01/2022 | 12/03/2022 | 12/26/2022 | CVE-2022-4273 | 54156 | accepted |
| 214760 | FeMiner wms unrestricted upload | VulDB | VulDB | 11/29/2022 | 12/03/2022 | 12/26/2022 | CVE-2022-4272 | 53791 | accepted |
| 214631 | C-DATA Web Management System GET Parameter jumpto.php argument injection | VulDB | VulDB | 12/01/2022 | 12/01/2022 | 12/25/2022 | CVE-2022-4257 | 54128 | accepted |
| 214630 | SourceCodester Canteen Management System customer.php builtin_echo cross site scripting | VulDB | VulDB | 12/01/2022 | 12/01/2022 | 12/25/2022 | CVE-2022-4253 | 54064 | accepted |
| 214629 | SourceCodester Canteen Management System categories.php builtin_echo cross site scripting | VulDB | VulDB | 12/01/2022 | 12/01/2022 | 12/25/2022 | CVE-2022-4252 | 54063 | accepted |
| 214628 | Movie Ticket Booking System editBooking.php cross site scripting | VulDB | VulDB | 12/01/2022 | 12/01/2022 | 12/25/2022 | CVE-2022-4251 | 54058 | accepted |
| 214627 | Movie Ticket Booking System booking.php cross site scripting | VulDB | VulDB | 12/01/2022 | 12/01/2022 | 12/25/2022 | CVE-2022-4250 | 54051 | accepted |
| 214626 | Movie Ticket Booking System POST Request cross site scripting | VulDB | VulDB | 12/01/2022 | 12/01/2022 | 12/25/2022 | CVE-2022-4249 | 54060 | accepted |
| 214625 | Movie Ticket Booking System editBooking.php sql injection | VulDB | VulDB | 12/01/2022 | 12/01/2022 | 12/25/2022 | CVE-2022-4248 | 54059 | accepted |
| 214624 | Movie Ticket Booking System booking.php sql injection | VulDB | VulDB | 12/01/2022 | 12/01/2022 | 12/25/2022 | CVE-2022-4247 | 54050 | accepted |
| 214623 | Kakao PotPlayer MID File denial of service | VulDB | VulDB | | 12/01/2022 | 12/25/2022 | CVE-2022-4246 | | accepted |
| 214595 | SourceCodester Canteen Management System brand.php builtin_echo cross site scripting | VulDB | VulDB | 11/25/2022 | 11/30/2022 | 12/24/2022 | CVE-2022-4234 | 53410 | accepted |
| 214591 | SourceCodester Event Registration System cross site scripting | VulDB | VulDB | 11/26/2022 | 11/30/2022 | 12/24/2022 | CVE-2022-4233 | 53590 | accepted |
| 214590 | SourceCodester Event Registration System unrestricted upload | VulDB | VulDB | 11/26/2022 | 11/30/2022 | 12/24/2022 | CVE-2022-4232 | 53589 | accepted |
| 214589 | Tribal Systems Zenario CMS Remember Me session fixiation | VulDB | VulDB | 11/30/2022 | 11/30/2022 | 12/24/2022 | CVE-2022-4231 | 53898 | accepted |
| 214588 | SourceCodester Book Store Management System index.php access control | VulDB | VulDB | 11/30/2022 | 11/30/2022 | 12/24/2022 | CVE-2022-4229 | 53897 | accepted |
| 214587 | SourceCodester Book Store Management System information disclosure | VulDB | VulDB | 11/30/2022 | 11/30/2022 | 12/24/2022 | CVE-2022-4228 | 53896 | accepted |
| 214523 | SourceCodester Canteen Management System POST Request ajax_invoice.php query sql injection | VulDB | VulDB | 11/30/2022 | 11/30/2022 | 12/24/2022 | CVE-2022-4222 | 53884 | accepted |
| 214518 | GPAC lsr_dec.c lsr_translate_coords integer overflow | VulDB | VulDB | 11/18/2022 | 11/29/2022 | 12/24/2022 | CVE-2022-4202 | 52567 | accepted |
| 214359 | SourceCodester Canteen Management System food.php query cross site scripting | VulDB | VulDB | 11/25/2022 | 11/25/2022 | 12/23/2022 | CVE-2022-4091 | 53402 | accepted |
| 214331 | rickxy Stock Management System cross-site request forgery | VulDB | VulDB | 11/21/2022 | 11/24/2022 | 12/23/2022 | CVE-2022-4090 | 52793 | accepted |
| 214324 | rickxy Stock Management System processlogin.php cross site scripting | VulDB | VulDB | 11/21/2022 | 11/24/2022 | 12/23/2022 | CVE-2022-4089 | 52792 | accepted |
| 214322 | rickxy Stock Management System processlogin.php sql injection | VulDB | VulDB | 11/21/2022 | 11/24/2022 | 12/23/2022 | CVE-2022-4088 | 52791 | accepted |
| 214054 | iPXE TLS tls.c tls_new_ciphertext information exposure | VulDB | VulDB | 11/18/2022 | 11/21/2022 | 12/21/2022 | CVE-2022-4087 | 52581 | accepted |
| 214053 | WP White Security WP Activity Log Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4086 | 52578 | revoked |
| 214052 | Top Infosoft Visitor Details Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4085 | 52601 | revoked |
| 214051 | Activity Log Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4084 | 52577 | revoked |
| 214050 | MyTechTalky User Location and IP Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4083 | 52600 | revoked |
| 214049 | Solwin Infotech User Activity Log Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4082 | 52576 | revoked |
| 214048 | getseofix Show Visitor IP Address Widget and Shortcode Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4081 | 52599 | revoked |
| 214047 | Opal Login History Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4080 | 52580 | revoked |
| 214046 | Show Visitor IP Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4079 | 52598 | revoked |
| 214045 | IP Location Block Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4078 | 52596 | revoked |
| 214044 | Yellow Tree Geolocation IP Detection Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4077 | 52595 | revoked |
| 214043 | codeboxr CBX User Online & Last Login Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4076 | 52589 | revoked |
| 214042 | Banhammer Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4075 | 52588 | revoked |
| 214041 | Show IP Address Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4074 | 52587 | revoked |
| 214040 | Aleksandr R alx ip statistic Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4073 | 52586 | revoked |
| 214039 | Iridium Intelligence bad_ip WP Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4072 | 52585 | revoked |
| 214038 | RSJoomla RSFirewall Plugin HTTP Header neutralization for logs [False-Positive] | VulDB | VulDB | 11/18/2022 | 11/20/2022 | 12/21/2022 | CVE-2022-4071 | 52584 | revoked |
| 214028 | davidmoreno onion Log response.c onion_response_flush allocation of resources | VulDB | VulDB | | 11/19/2022 | 12/20/2022 | CVE-2022-4066 | | accepted |
| 214027 | cbeust testng XML File Parser JarFileUtils.java testngXmlExistsInJar path traversal | VulDB | VulDB | | 11/19/2022 | 04/29/2023 | CVE-2022-4065 | | accepted |
| 214026 | Dalli Meta Protocol request_formatter.rb self.meta_set injection | VulDB | VulDB | | 11/19/2022 | 12/20/2022 | CVE-2022-4064 | | accepted |
| 213846 | Student Attendance Management System createClass.php cross site scripting | VulDB | VulDB | 11/17/2022 | 11/17/2022 | 12/19/2022 | CVE-2022-4053 | 52469 | accepted |
| 213845 | Student Attendance Management System createClass.php sql injection | VulDB | VulDB | 11/17/2022 | 11/17/2022 | 12/19/2022 | CVE-2022-4052 | 52468 | accepted |
| 213844 | Hostel Searching Project view-property.php sql injection | VulDB | VulDB | 11/17/2022 | 11/17/2022 | 12/19/2022 | CVE-2022-4051 | 52458 | accepted |
| 213789 | Sports Club Management System make_payments.php sql injection | VulDB | VulDB | 11/16/2022 | 11/16/2022 | 12/19/2022 | CVE-2022-4015 | 52394 | accepted |
| 213788 | FeehiCMS Post My Comment Tab cross-site request forgery | VulDB | VulDB | 11/15/2022 | 11/16/2022 | 12/19/2022 | CVE-2022-4014 | 52189 | accepted |
| 213787 | Hospital Management Center appointment.php cross-site request forgery | VulDB | VulDB | 11/15/2022 | 11/16/2022 | 12/19/2022 | CVE-2022-4013 | 52207 | accepted |
| 213786 | Hospital Management Center patient-info.php sql injection | VulDB | VulDB | 11/15/2022 | 11/16/2022 | 12/19/2022 | CVE-2022-4012 | 52206 | accepted |
| 213785 | Simple History Plugin Header neutralization for logs | VulDB | VulDB | 11/13/2022 | 11/16/2022 | 12/19/2022 | CVE-2022-4011 | 52038 | accepted |
| 213716 | WBCE CMS Header class.login.php increase_attempts excessive authentication | VulDB | VulDB | | 11/15/2022 | 12/18/2022 | CVE-2022-4006 | | accepted |
| 213699 | MonikaBrzica scm uredi_korisnika.php sql injection | VulDB | VulDB | 11/15/2022 | 11/15/2022 | 12/18/2022 | CVE-2022-3998 | 52155 | accepted |
| 213698 | MonikaBrzica scm upis_u_bazu.php sql injection | VulDB | VulDB | 11/15/2022 | 11/15/2022 | 12/18/2022 | CVE-2022-3997 | 52186 | accepted |
| 213571 | SourceCodester Sanitization Management System Banner Image cross site scripting | VulDB | VulDB | 11/14/2022 | 11/14/2022 | 04/18/2023 | CVE-2022-3992 | 52052 | accepted |
| 213560 | Frappe Search navbar_search.html cross site scripting | VulDB | VulDB | | 11/14/2022 | 12/17/2022 | CVE-2022-3988 | | accepted |
| 213557 | NagVis CoreLogonMultisite.php checkAuthCookie type conversion | VulDB | VulDB | | 11/13/2022 | 10/24/2023 | CVE-2022-3979 | | accepted |
| 213556 | MZ Automation libiec61850 MMS File Services mms_client_files.c path traversal | VulDB | VulDB | | 11/13/2022 | 12/17/2022 | CVE-2022-3976 | | accepted |
| 213555 | NodeBB abort cross-site request forgery | VulDB | VulDB | | 11/13/2022 | 12/17/2022 | CVE-2022-3978 | | accepted |
| 213554 | NukeViet CMS Data URL Request.php filterAttr cross site scripting | VulDB | VulDB | | 11/13/2022 | 12/17/2022 | CVE-2022-3975 | | accepted |
| 213553 | Axiomatic Bento4 mp4info Ap4StdCFileByteStream.cpp ReadPartial heap-based overflow | VulDB | VulDB | | 11/13/2022 | 12/17/2022 | CVE-2022-3974 | | accepted |
| 213552 | Pingkon HMS-PHP Data Pump Metadata admin.php sql injection | VulDB | VulDB | | 11/13/2022 | 12/17/2022 | CVE-2022-3973 | | accepted |
| 213551 | Pingkon HMS-PHP adminlogin.php sql injection | VulDB | VulDB | 11/09/2022 | 11/13/2022 | 12/17/2022 | CVE-2022-3972 | 51578 | accepted |
| 213550 | matrix-appservice-irc PgDataStore.ts sql injection | VulDB | VulDB | | 11/13/2022 | 12/17/2022 | CVE-2022-3971 | | accepted |
| 213549 | LibTIFF tif_getimage.c TIFFReadRGBATileExt integer overflow | VulDB | VulDB | | 11/13/2022 | 12/17/2022 | CVE-2022-3970 | | accepted |
| 213548 | OpenKM FileUtils.java getFileExtension temp file | VulDB | VulDB | | 11/13/2022 | 12/17/2022 | CVE-2022-3969 | | accepted |
| 213547 | emlog article_save.php cross site scripting | VulDB | VulDB | | 11/13/2022 | 12/17/2022 | CVE-2022-3968 | | accepted |
| 213546 | Vesta Control Panel sed main.sh argument injection | VulDB | VulDB | | 11/13/2022 | 12/17/2022 | CVE-2022-3967 | | accepted |
| 213545 | Ultimate Member Plugin Template class-shortcodes.php load_template pathname traversal | VulDB | VulDB | | 11/13/2022 | 12/17/2022 | CVE-2022-3966 | | accepted |
| 213544 | ffmpeg QuickTime Graphics Video Encoder smcenc.c smc_encode_stream out-of-bounds | VulDB | VulDB | | 11/13/2022 | 12/17/2022 | CVE-2022-3965 | | accepted |
| 213543 | ffmpeg QuickTime RPZA Video Encoder rpzaenc.c out-of-bounds | VulDB | VulDB | | 11/13/2022 | 12/17/2022 | CVE-2022-3964 | | accepted |
| 213540 | gnuboard5 FAQ Key ID faq.php cross site scripting | VulDB | VulDB | | 11/12/2022 | 12/17/2022 | CVE-2022-3963 | | accepted |
| 213464 | drogon Session Hash small space of random values | VulDB | VulDB | | 11/11/2022 | 12/17/2022 | CVE-2022-3959 | | accepted |
| 213463 | GPAC SVG Parser svg_attributes.c svg_parse_preserveaspectratio memory leak | VulDB | VulDB | | 11/11/2022 | 12/17/2022 | CVE-2022-3957 | | accepted |
| 213462 | tsruban HHIMS Patient Portrait sql injection | VulDB | VulDB | 11/10/2022 | 11/11/2022 | 12/17/2022 | CVE-2022-3956 | 51799 | |
accepted
213461tholum crm42 Login class.user.php sql injectionVulDBVulDB11/07/202211/11/202212/17/2022CVE-2022-395551128
accepted
213459Exiv2 QuickTime Video quicktimevideo.cpp multipleEntriesDecoder infinite loop [False-Positive]VulDBVulDB11/11/202212/17/2022CVE-2022-3953
 
revoked
213457ManyDesigns Portofino WarFileLauncher.java createTempDir temp fileVulDBVulDB11/11/202212/17/2022CVE-2022-3952
 
accepted
213456sanluan PublicCMS Tab dwz.min.js initLink cross site scriptingVulDBVulDB11/11/202212/17/2022CVE-2022-3950
 
accepted
213455Sourcecodester Simple Cashiering System User Account cross site scriptingVulDBVulDB11/11/202211/11/202212/17/2022CVE-2022-394951891
accepted
213454eolinker goku_lite getList sql injectionVulDBVulDB11/11/202211/11/202212/17/2022CVE-2022-394851890
accepted
213453eolinker goku_lite list sql injectionVulDBVulDB11/11/202211/11/202212/17/2022CVE-2022-394751889
accepted
213451jerryhanjj ERP Commodity Management inventory.php uploadImages unrestricted uploadVulDBVulDB11/08/202211/11/202212/17/2022CVE-2022-394451350
accepted
213450ForU CMS cms_chip.php cross site scriptingVulDBVulDB11/08/202211/11/202212/17/2022CVE-2022-394351298
accepted
213449SourceCodester Sanitization Management System Quote Requests Form cross site scriptingVulDBVulDB11/05/202211/11/202212/17/2022CVE-2022-394251065
accepted
213448Activity Log Plugin HTTP Header neutralization for logsVulDBVulDB11/03/202211/11/202212/17/2022CVE-2022-394150744
accepted
213447lanyulei ferry task.go path traversalVulDBVulDB11/03/202211/11/202212/17/2022CVE-2022-394050729
accepted
213446lanyulei ferry API file.go path traversalVulDBVulDB11/07/202211/11/202212/17/2022CVE-2022-393951133
accepted
213039Maxon ERP browse_data sql injectionVulDBVulDB11/03/202211/07/202212/05/2022CVE-2022-387850778
accepted
213012SourceCodester Sanitization Management System sql injectionVulDBVulDB11/02/202211/05/202212/05/2022CVE-2022-386850579
accepted
212863phpipam Import Preview import-load-data.php cross site scriptingVulDBVulDB11/02/202212/04/2022CVE-2022-3845
 
accepted
212862Webmin index.cgi cross site scriptingVulDBVulDB11/02/202201/26/2023CVE-2022-3844
 
accepted
212794centreon Contact Groups Form formContactGroup.php sql injectionVulDBVulDB11/02/202212/03/2022CVE-2022-3827
 
accepted
212793Huaxia ERP Retail Management list information disclosureVulDBVulDB11/02/202211/02/202212/03/2022CVE-2022-382650577
accepted
212792Huaxia ERP User Management sql injectionVulDBVulDB11/02/202211/02/202212/03/2022CVE-2022-382550572
accepted
212683Axiomatic Bento4 mp4mux memory leakVulDBVulDB11/01/202212/03/2022CVE-2022-3817
 
accepted
212682Axiomatic Bento4 mp4decrypt memory leakVulDBVulDB11/01/202212/03/2022CVE-2022-3816
 
accepted
212681Axiomatic Bento4 mp4decrypt memory leakVulDBVulDB11/01/202211/30/2022CVE-2022-3815
 
accepted
212680Axiomatic Bento4 mp4decrypt memory leakVulDBVulDB11/01/202211/30/2022CVE-2022-3814
 
accepted
212679Axiomatic Bento4 mp4edit memory leakVulDBVulDB11/01/202211/30/2022CVE-2022-3813
 
accepted
212678Axiomatic Bento4 mp4encrypt AP4_ContainerAtom memory leakVulDBVulDB11/01/202211/30/2022CVE-2022-3812
 
accepted
212667Axiomatic Bento4 mp42hevc Mp42Hevc.cpp AP4_File denial of serviceVulDBVulDB11/01/202211/30/2022CVE-2022-3810
 
accepted
212666Axiomatic Bento4 mp4tag Mp4Tag.cpp ParseCommandLine denial of serviceVulDBVulDB11/01/202211/30/2022CVE-2022-3809
 
accepted
212661WebFactory Under Construction Plugin Plugin Setting cross site scripting [False-Positive]VulDBVulDB11/01/202211/30/2022CVE-2022-3808
 
revoked
212660Axiomatic Bento4 Incomplete Fix CVE-2019-13238 resource consumptionVulDBVulDB11/01/202211/30/2022CVE-2022-3807
 
accepted
212640eolinker apinto-dashboard login cross site scriptingVulDBVulDB11/01/202211/01/202211/30/2022CVE-2022-380450338
accepted
212639eolinker apinto-dashboard cross site scriptingVulDBVulDB11/01/202211/01/202211/30/2022CVE-2022-380350340
accepted
212638IBAX go-ibax rowsInfo sql injectionVulDBVulDB11/01/202211/01/202211/30/2022CVE-2022-380250344
accepted
212637IBAX go-ibax rowsInfo sql injectionVulDBVulDB11/01/202211/01/202211/30/2022CVE-2022-380150343
accepted
212636IBAX go-ibax rowsInfo sql injectionVulDBVulDB11/01/202211/01/202211/30/2022CVE-2022-380050342
accepted
212635IBAX go-ibax tablesInfo sql injectionVulDBVulDB11/01/202211/30/2022CVE-2022-3799
 
accepted
212634IBAX go-ibax tablesInfo sql injectionVulDBVulDB11/01/202211/01/202211/30/2022CVE-2022-379850341
accepted
212633eolinker apinto-dashboard login redirectVulDBVulDB11/01/202211/01/202211/30/2022CVE-2022-379750339
accepted
212632Events Calendar Plugin Event post.php cross site scripting [False-Positive]VulDBVulDB11/01/202211/30/2022CVE-2022-3796
 
revoked
212613PDF & Print Plugin Setting cross site scripting [False-Positive]VulDBVulDB11/01/202211/30/2022CVE-2022-3791
 
revoked
212612Flipbook Plugin Edit Post post.php cross site scripting [False-Positive]VulDBVulDB11/01/202211/30/2022CVE-2022-3790
 
revoked
212611Tim Campus Confession Wall share.php sql injectionVulDBVulDB11/01/202211/01/202211/30/2022CVE-2022-378950316
accepted
212610TablePress Plugin Table Import cross site scripting [False-Positive]VulDBVulDB11/01/202211/30/2022CVE-2022-3788
 
revoked
212564Axiomatic Bento4 Avcinfo SetDataSize heap-based overflowVulDBVulDB10/31/202211/30/2022CVE-2022-3785
 
accepted
212563Axiomatic Bento4 mp4hls Ap4Mp4AudioInfo.cpp ReadBits heap-based overflowVulDBVulDB10/31/202211/30/2022CVE-2022-3784
 
accepted
212555node-red-dashboard ui_text Format ui-component-ctrl.js cross site scriptingVulDBVulDB10/31/202211/30/2022CVE-2022-3783
 
accepted
212504SourceCodester Train Scheduler App resource injectionVulDBVulDB10/30/202210/31/202211/26/2022CVE-2022-377450188
accepted
212503EmbedPress Plugin Shortcode post.php cross site scripting [False-Positive]VulDBVulDB10/31/202211/26/2022CVE-2022-3773
 
revoked
212502easyii CMS out cross-site request forgery [Duplicate]VulDBVulDB10/31/202211/26/2022CVE-2022-3772
 
revoked
212501easyii CMS File Upload Management Upload.php file unrestricted uploadVulDBVulDB10/31/202210/31/202211/26/2022CVE-2022-377150192
accepted
212500Yunjing CMS upload_img.html unrestricted uploadVulDBVulDB10/30/202210/31/202211/26/2022CVE-2022-377050189
accepted
212497Exiv2 QuickTime Video quicktimevideo.cpp decodeBlock buffer overflow [False-Positive]VulDBVulDB10/29/202211/26/2022CVE-2022-3757
 
revoked
212496Exiv2 QuickTime Video quicktimevideo.cpp userDataDecoder integer overflow [False-Positive]VulDBVulDB10/29/202211/26/2022CVE-2022-3756
 
revoked
212495Exiv2 QuickTime Video quicktimevideo.cpp userDataDecoder null pointer dereference [False-Positive]VulDBVulDB10/29/202211/26/2022CVE-2022-3755
 
revoked
212417seccome Ehoney signup access controlVulDBVulDB10/28/202210/28/202211/26/2022CVE-2022-373549967
accepted
212416Redis dbghelp.dll uncontrolled search path [Disputed]VulDBVulDB10/26/202210/28/202211/29/2022CVE-2022-373449829
accepted
212415SourceCodester Web-Based Student Clearance System edit-admin.php sql injectionVulDBVulDB10/27/202210/28/202211/26/2022CVE-2022-373349888
accepted
212414seccome Ehoney set sql injectionVulDBVulDB10/26/202210/28/202211/26/2022CVE-2022-373249826
accepted
212413seccome Ehoney token sql injectionVulDBVulDB10/26/202210/28/202211/26/2022CVE-2022-373149825
accepted
212412seccome Ehoney falco sql injectionVulDBVulDB10/26/202210/28/202211/26/2022CVE-2022-373049824
accepted
212411seccome Ehoney attack sql injectionVulDBVulDB10/26/202210/28/202211/26/2022CVE-2022-372949823
accepted
212350Exiv2 QuickTime Video quicktimevideo.cpp userDataDecoder heap-based overflow [False-Positive]VulDBVulDB10/27/202211/25/2022CVE-2022-3719
 
revoked
212349Exiv2 QuickTime Video quicktimevideo.cpp decodeBlock null pointer dereference [False-Positive]VulDBVulDB10/27/202211/25/2022CVE-2022-3718
 
revoked
212348Exiv2 bmffimage.cpp boxHandler memory corruption [False-Positive]VulDBVulDB10/27/202211/25/2022CVE-2022-3717
 
revoked
212347SourceCodester Online Medicine Ordering System cross site scriptingVulDBVulDB10/25/202210/27/202211/25/2022CVE-2022-371649686
accepted
212346SourceCodester Online Medicine Ordering System sql injectionVulDBVulDB10/25/202210/27/202211/25/2022CVE-2022-371449798
accepted
212324vim autocmd quickfix.c qf_update_buffer use after freeVulDBVulDB10/26/202211/25/2022CVE-2022-3705
 
accepted
212319Ruby on Rails _table.html.erb cross site scripting [Disputed]VulDBVulDB10/26/202201/19/2023CVE-2022-3704
 
accepted
212017SourceCodester Sanitization Management System missing authenticationVulDBVulDB10/23/202210/24/202211/19/2022CVE-2022-367449593
accepted
212016SourceCodester Sanitization Management System Master.php cross site scriptingVulDBVulDB10/24/202211/19/2022CVE-2022-3673
 
accepted
212015SourceCodester Sanitization Management System SystemSettings.php cross site scriptingVulDBVulDB10/23/202210/24/202211/19/2022CVE-2022-367249603
accepted
212014SourceCodester eLearning System manage.php sql injectionVulDBVulDB10/22/202210/24/202211/19/2022CVE-2022-367149576
accepted
212010Axiomatic Bento4 mp42hevc WriteSample heap-based overflowVulDBVulDB10/22/202211/19/2022CVE-2022-3670
 
accepted
212009Axiomatic Bento4 mp4edit Create memory leakVulDBVulDB10/22/202211/19/2022CVE-2022-3669
 
accepted
212008Axiomatic Bento4 mp4edit CreateAtomFromStream memory leakVulDBVulDB10/22/202211/19/2022CVE-2022-3668
 
accepted
212007Axiomatic Bento4 mp42aac Ap4ByteStream.cpp WritePartial heap-based overflowVulDBVulDB10/22/202211/19/2022CVE-2022-3667
 
accepted
212006Axiomatic Bento4 mp42ts Ap4LinearReader.cpp Advance use after freeVulDBVulDB10/22/202211/19/2022CVE-2022-3666
 
accepted
212005Axiomatic Bento4 avcinfo AvcInfo.cpp heap-based overflowVulDBVulDB10/22/202211/19/2022CVE-2022-3665
 
accepted
212004Axiomatic Bento4 avcinfo Ap4BitStream.cpp WriteBytes heap-based overflowVulDBVulDB10/22/202211/19/2022CVE-2022-3664
 
accepted
212003Axiomatic Bento4 MP4fragment Ap4StsdAtom.cpp AP4_StsdAtom null pointer dereferenceVulDBVulDB10/22/202211/19/2022CVE-2022-3663
 
accepted
212002Axiomatic Bento4 mp42hls Ap4Sample.h GetOffset use after freeVulDBVulDB10/22/202211/19/2022CVE-2022-3662
 
accepted
211992Linux Kernel BPF inode.c nilfs_new_inode use after freeVulDBVulDB10/21/202211/19/2022CVE-2022-3649
 
accepted
211962Redis Crash Report debug.c sigsegvHandler denial of service [Disputed]VulDBVulDB10/21/202202/06/2024CVE-2022-3647
 
accepted
211961Linux Kernel BPF segment.c nilfs_attach_log_writer memory leakVulDBVulDB10/21/202211/19/2022CVE-2022-3646
 
accepted
211959Linux Kernel Wireless rtl8xxxu_8188f.c rtl8188f_spur_calibration uninitialized variable [False-Positive]VulDBVulDB10/21/202211/19/2022CVE-2022-3642
 
revoked
211944Linux Kernel Bluetooth l2cap_core.c l2cap_conn_del use after freeVulDBVulDB10/21/202211/19/2022CVE-2022-3640
 
accepted
211937Nginx IPv4 Off ngx_resolver.c memory leak [False-Positive]VulDBVulDB10/21/202211/19/2022CVE-2022-3638
 
revoked
211936Linux Kernel BlueZ jlink.c jlink_init denial of serviceVulDBVulDB10/21/202211/19/2022CVE-2022-3637
 
accepted
211935Linux Kernel Ethernet mtk_ppe.c __mtk_ppe_check_skb use after freeVulDBVulDB10/21/202211/19/2022CVE-2022-3636
 
accepted
211934Linux Kernel IPsec idt77252.c tst_timer use after freeVulDBVulDB10/21/202211/19/2022CVE-2022-3635
 
accepted
211932Linux Kernel transport.c j1939_session_destroy memory leakVulDBVulDB10/21/202201/03/2023CVE-2022-3633
 
accepted
211931Linux Kernel IPsec cookie.c memory leakVulDBVulDB10/21/202211/19/2022CVE-2022-3630
 
accepted
211930Linux Kernel af_vsock.c vsock_connect memory leakVulDBVulDB10/21/202201/03/2023CVE-2022-3629
 
accepted
211929Linux Kernel IPsec devlink.c devlink_param_get use after freeVulDBVulDB10/21/202211/19/2022CVE-2022-3625
 
accepted
211928Linux Kernel IPsec bond_alb.c rlb_arp_xmit memory leakVulDBVulDB10/21/202211/19/2022CVE-2022-3624
 
accepted
211921Linux Kernel BPF gup.c follow_page_pte race conditionVulDBVulDB10/20/202211/19/2022CVE-2022-3623
 
accepted
211920Linux Kernel nilfs2 inode.c nilfs_bmap_lookup_at_level null pointer dereferenceVulDBVulDB10/20/202211/18/2022CVE-2022-3621
 
accepted
211919Exim DMARC dmarc.c dmarc_dns_lookup use after freeVulDBVulDB10/20/202211/18/2022CVE-2022-3620
 
accepted
211918Linux Kernel Bluetooth l2cap_core.c l2cap_recv_acldata memory leakVulDBVulDB10/20/202211/18/2022CVE-2022-3619
 
accepted
211749Linux Kernel BPF libbpf.c find_prog_by_sec_insn null pointer dereferenceVulDBVulDB10/19/202211/18/2022CVE-2022-3606
 
accepted
211364Linux Kernel CIFS sess.c sess_free_buffer double freeVulDBVulDB10/18/202211/10/2022CVE-2022-3595
 
accepted
211363Linux Kernel BPF r8152.c intr_callback logging of excessive dataVulDBVulDB10/18/202211/10/2022CVE-2022-3594
 
accepted
211362Linux Kernel iproute2 ipmptcp.c mptcp_limit_get_set memory leak [False-Positive]VulDBVulDB10/18/202211/10/2022CVE-2022-3593
 
revoked
211201SourceCodester Simple Cold Storage Management System My Account cross site scriptingVulDBVulDB10/18/202210/18/202211/10/2022CVE-2022-358749116
accepted
211194SourceCodester Simple Cold Storage Management System Contact Us cross-site request forgeryVulDBVulDB10/18/202210/18/202211/10/2022CVE-2022-358549111
accepted
211193SourceCodester Canteen Management System edituser.php sql injectionVulDBVulDB10/18/202210/18/202211/10/2022CVE-2022-358449110
accepted
211192SourceCodester Canteen Management System login.php sql injectionVulDBVulDB10/18/202210/18/202211/10/2022CVE-2022-358349109
accepted
211189SourceCodester Simple Cold Storage Management System cross-site request forgeryVulDBVulDB10/17/202210/18/202211/10/2022CVE-2022-358248631
accepted
211188SourceCodester Cashier Queuing System Cashiers Tab cross site scriptingVulDBVulDB10/17/202210/18/202211/10/2022CVE-2022-358148574
accepted
211187SourceCodester Cashier Queuing System User Creation cross site scriptingVulDBVulDB10/17/202210/18/202211/10/2022CVE-2022-358048573
accepted
211186SourceCodester Cashier Queuing System Login Page login.php sql injectionVulDBVulDB10/17/202210/18/202211/10/2022CVE-2022-357948571
accepted
211090Linux Kernel IPv6 inet6_dgram_ops race conditionVulDBVulDB10/17/202211/10/2022CVE-2022-3567
 
accepted
211089Linux Kernel TCP tcp_setsockopt race conditionVulDBVulDB10/17/202211/10/2022CVE-2022-3566
 
accepted
211088Linux Kernel Bluetooth l1oip_core.c del_timer use after freeVulDBVulDB10/17/202211/09/2022CVE-2022-3565
 
accepted
211087Linux Kernel Bluetooth l2cap_core.c l2cap_reassemble_sdu use after freeVulDBVulDB10/17/202211/09/2022CVE-2022-3564
 
accepted
211086Linux Kernel BlueZ mgmt-tester.c read_50_controller_cap_complete null pointer dereferenceVulDBVulDB10/17/202211/09/2022CVE-2022-3563
 
accepted
211073Exim Regex use after freeVulDBVulDB10/17/202211/09/2022CVE-2022-3559
 
accepted
211055X.org libX11 xcb_disp.c _XFreeX11XCBStructure memory leak [False-Positive]VulDBVulDB10/17/202211/09/2022CVE-2022-3555
 
revoked
211054X.org libX11 imsClbk.c _XimRegisterIMInstantiateCallback memory leak [False-Positive]VulDBVulDB10/17/202211/09/2022CVE-2022-3554
 
revoked
211053X.org Server xquartz X11Controller.m denial of serviceVulDBVulDB10/17/202211/09/2022CVE-2022-3553
 
accepted
211052X.org Server xkb.c ProcXkbGetKbdByName memory leakVulDBVulDB10/17/202211/09/2022CVE-2022-3551
 
accepted
211051X.org Server xkb.c _GetCountedString buffer overflowVulDBVulDB10/17/202211/09/2022CVE-2022-3550
 
accepted
211049SourceCodester Simple Cold Storage Management System Avatar unrestricted uploadVulDBVulDB10/16/202210/17/202211/09/2022CVE-2022-354948476
accepted
211048SourceCodester Simple Cold Storage Management System Add New Storage cross site scriptingVulDBVulDB10/16/202210/17/202203/01/2024CVE-2022-354848471
accepted
211047SourceCodester Simple Cold Storage Management System Setting cross site scriptingVulDBVulDB10/16/202210/17/202211/09/2022CVE-2022-354748470
accepted
211046SourceCodester Simple Cold Storage Management System Create User cross site scriptingVulDBVulDB10/16/202210/17/202211/09/2022CVE-2022-354648467
accepted
211045Linux Kernel IPsec nfp_cppcore.c area_cache_get use after freeVulDBVulDB10/17/202211/09/2022CVE-2022-3545
 
accepted
211044Linux Kernel Netfilter sysfs.c damon_sysfs_add_target memory leakVulDBVulDB10/17/202211/09/2022CVE-2022-3544
 
accepted
211043Linux Kernel BPF af_unix.c unix_release_sock memory leakVulDBVulDB10/17/202211/09/2022CVE-2022-3543
 
accepted
211042Linux Kernel BPF bnx2x_cmn.c bnx2x_tpa_stop memory leak [False-Positive]VulDBVulDB10/17/202212/21/2022CVE-2022-3542
 
revoked
211041Linux Kernel BPF spl2sw_driver.c spl2sw_nvmem_get_mac_address use after freeVulDBVulDB10/17/202211/09/2022CVE-2022-3541
 
accepted
211033Linux Kernel mvpp2 mvpp2_debugfs.c mvpp2_dbgfs_port_init memory leak [False-Positive]VulDBVulDB10/17/202212/21/2022CVE-2022-3535
 
revoked
211032Linux Kernel libbpf btf_dump.c btf_dump_name_dups use after freeVulDBVulDB10/17/202211/09/2022CVE-2022-3534
 
accepted
211031Linux Kernel BPF usdt.c parse_usdt_arg memory leakVulDBVulDB10/17/202211/09/2022CVE-2022-3533
 
accepted
211030Linux Kernel BPF test_fentry memory leak [False-Positive]VulDBVulDB10/17/202212/17/2022CVE-2022-3532
 
revoked
211029Linux Kernel BPF kprobe_multi_test.c get_syms memory leak [False-Positive]VulDBVulDB10/17/202212/17/2022CVE-2022-3531
 
revoked
211028Linux Kernel iproute2 ipaddress.c ipaddr_link_get memory leak [False-Positive]VulDBVulDB10/16/202211/09/2022CVE-2022-3530
 
revoked
211027Linux Kernel iproute2 fdb.c fdb_get memory leak [False-Positive]VulDBVulDB10/16/202211/09/2022CVE-2022-3529
 
revoked
211026Linux Kernel iproute2 ipmptcp.c mptcp_addr_show memory leak [False-Positive]VulDBVulDB10/16/202211/09/2022CVE-2022-3528
 
revoked
211025Linux Kernel iproute2 ipneigh.c ipneigh_get memory leak [False-Positive]VulDBVulDB10/16/202211/09/2022CVE-2022-3527
 
revoked
211024Linux Kernel skb macvlan.c macvlan_handle_frame memory leakVulDBVulDB10/16/202211/09/2022CVE-2022-3526
 
accepted
211021Linux Kernel IPv6 ipv6_renew_options memory leakVulDBVulDB10/16/202211/09/2022CVE-2022-3524
 
accepted
211020Linux Kernel Driver memory.c use after freeVulDBVulDB10/16/202211/09/2022CVE-2022-3523
 
accepted
211019Linux Kernel hugetlb.c hugetlb_no_page race condition [False-Positive]VulDBVulDB10/16/202201/24/2023CVE-2022-3522
 
revoked
211018Linux Kernel kcm kcmsock.c kcm_tx_work race conditionVulDBVulDB10/16/202211/09/2022CVE-2022-3521
 
accepted
211015SourceCodester Sanitization Management System Quote Requests Tab cross site scriptingVulDBVulDB10/14/202210/15/202211/09/2022CVE-2022-351948254
accepted
211014SourceCodester Sanitization Management System User Creation cross site scriptingVulDBVulDB10/14/202210/15/202211/09/2022CVE-2022-351848253
accepted
210840SourceCodester Sanitization Management System cross site scriptingVulDBVulDB10/14/202210/14/202211/08/2022CVE-2022-350548210
accepted
210839SourceCodester Sanitization Management System sql injectionVulDBVulDB10/14/202210/14/202211/08/2022CVE-2022-350448209
accepted
210832SourceCodester Purchase Order Management System Supplier cross site scriptingVulDBVulDB10/13/202210/14/202211/08/2022CVE-2022-350348136
accepted
210831Human Resource Management System Leave cross site scriptingVulDBVulDB10/13/202210/14/202211/08/2022CVE-2022-350248133
accepted
210786SourceCodester Human Resource Management System Master List cross site scriptingVulDBVulDB10/13/202210/13/202211/07/2022CVE-2022-349748127
accepted
210785SourceCodester Human Resource Management System Admin Panel employeeadd.php access controlVulDBVulDB10/13/202210/13/202211/07/2022CVE-2022-349648128
accepted
210784SourceCodester Simple Online Public Access Catalog Admin Login sql injectionVulDBVulDB10/13/202210/13/202211/07/2022CVE-2022-349548126
accepted
210773SourceCodester Human Resource Management System Add Employee cross site scriptingVulDBVulDB10/13/202210/13/202211/07/2022CVE-2022-349348119
accepted
210772SourceCodester Human Resource Management System Profile Photo os command injectionVulDBVulDB10/13/202210/13/202211/07/2022CVE-2022-349248118
accepted
210717SourceCodester Human Resource Management System getstatecity.php sql injectionVulDBVulDB10/12/202210/12/202211/07/2022CVE-2022-347348053
accepted
210716SourceCodester Human Resource Management System city.php sql injectionVulDBVulDB10/12/202210/12/202211/07/2022CVE-2022-347248056
accepted
210715SourceCodester Human Resource Management System city.php sql injectionVulDBVulDB10/12/202210/12/202211/07/2022CVE-2022-347148055
accepted
210714SourceCodester Human Resource Management System getstatecity.php sql injectionVulDBVulDB10/12/202210/12/202211/07/2022CVE-2022-347048054
accepted
210709Jiusi OA hntdCustomDesktopActionContent sql injectionVulDBVulDB10/12/202210/12/202211/07/2022CVE-2022-346748044
accepted
210700Mediabridge Medialink index.asp improper authenticationVulDBVulDB10/12/202210/12/202211/07/2022CVE-2022-346548009
accepted
210699puppyCMS settings.php cross site scriptingVulDBVulDB10/12/202210/12/202211/07/2022CVE-2022-346448008
accepted
210559SourceCodester Human Resource Management System Image File employeeview.php unrestricted uploadVulDBVulDB10/11/202210/11/202211/06/2022CVE-2022-345847815
accepted
210437SourceCodester Book Store Management System transcation.php cross site scriptingVulDBVulDB10/11/202211/05/2022CVE-2022-3453
 
accepted
210436SourceCodester Book Store Management System category.php cross site scriptingVulDBVulDB10/11/202210/11/202211/05/2022CVE-2022-345247772
accepted
210374Crealogix EBICS ebics.aspx cross site scriptingVulDBVulDB10/10/202210/31/2022CVE-2022-3442
 
accepted
210367SourceCodester Web-Based Student Clearance System Photo edit-photo.php unrestricted uploadVulDBVulDB10/09/202210/09/202210/31/2022CVE-2022-343647718
accepted
210357Linux Kernel IPv4 fib_semantics.c fib_nh_match out-of-boundsVulDBVulDB10/08/202210/31/2022CVE-2022-3435
 
accepted
210356SourceCodester Web-Based Student Clearance System add-student.php prepare cross site scriptingVulDBVulDB10/08/202210/08/202210/31/2022CVE-2022-343447679
accepted
210246SourceCodester Web-Based Student Clearance System POST Parameter login.php sql injectionVulDBVulDB10/04/202210/07/202210/30/2022CVE-2022-341447508
accepted
209686Open5GS UDP Packet ogs-tlv-msg.c denial of serviceVulDBVulDB09/28/202209/28/202210/24/2022CVE-2022-335447136
accepted
209679Sony PS4/PS5 exFAT UVFAT_readupcasetable heap-based overflowVulDBVulDB09/28/202210/24/2022CVE-2022-3349
 
accepted
209583SourceCodester Food Ordering Management System POST Parameter router.php sql injectionVulDBVulDB09/26/202209/27/202210/24/2022CVE-2022-333247084
accepted
209545Open5GS AMF client.c denial of serviceVulDBVulDB09/25/202209/26/202210/23/2022CVE-2022-329946980
accepted
209370Zephyr Project Manager REST Call cross site scriptingVulDBVulDB09/13/202209/23/202210/22/2022CVE-2022-333345806
accepted
208606Nintendo Game Boy Color Mobile Adapter GB Tetsuji memory corruptionVulDBVulDB09/14/202210/17/2022CVE-2022-3216
 
accepted
207873codeprojects Online Driving School login.php sql injectionVulDBVulDB09/05/202209/05/202210/13/2022CVE-2022-313045267
accepted
207872codeprojects Online Driving School registration.php unrestricted uploadVulDBVulDB09/05/202209/05/202210/13/2022CVE-2022-312945266
accepted
207854SourceCodester Clinics Patient Management System medicine_details.php sql injectionVulDBVulDB09/05/202209/05/202210/13/2022CVE-2022-312245260
accepted
207853SourceCodester Online Employee Leave Management System addemployee.php cross-site request forgeryVulDBVulDB09/05/202209/05/202210/13/2022CVE-2022-312145259
accepted
207847SourceCodester Clinics Patient Management System Login index.php sql injectionVulDBVulDB09/04/202209/04/202210/13/2022CVE-2022-312045257
accepted
207845Sourcecodehero ERP System Project processlogin.php sql injectionVulDBVulDB09/02/202209/03/202210/13/2022CVE-2022-311845235
accepted
207425oretnom23 Fast Food Ordering System cross site scriptingVulDBVulDB08/27/202208/27/202210/02/2022CVE-2022-301544812
accepted
207424SourceCodester Simple Task Managing System cross site scriptingVulDBVulDB08/27/202208/27/202210/02/2022CVE-2022-301444800
accepted
207423SourceCodester Simple Task Managing System loginVaLidation.php sql injectionVulDBVulDB08/27/202208/27/202210/02/2022CVE-2022-301344810
accepted
207422oretnom23 Fast Food Ordering System index.php sql injectionVulDBVulDB08/27/202208/27/202210/02/2022CVE-2022-301244811
accepted
207001SourceCodester Simple and Nice Shopping Cart Script profile.php sql injectionVulDBVulDB08/22/202208/23/202209/24/2022CVE-2022-295744205
accepted
207000ConsoleTVs Noxen users.php cross site scriptingVulDBVulDB08/22/202208/23/202209/24/2022CVE-2022-295644201
accepted
206880CrowdStrike Falcon Uninstallation authorizationVulDBVulDB08/22/202212/29/2022CVE-2022-2841
 
accepted
206845SourceCodester Simple and Nice Shopping Cart Script profile.php unrestricted uploadVulDBVulDB08/19/202208/19/202209/24/2022CVE-2022-290944145
accepted
206688Laravel deserializationVulDBVulDB08/17/202208/18/202209/18/2022CVE-2022-288643958
accepted
206634SourceCodester Student Management System index.php sql injectionVulDBVulDB08/17/202208/17/202209/17/2022CVE-2022-287643966
accepted
206501laravel deserializationVulDBVulDB08/17/202208/17/202209/17/2022CVE-2022-287043957
accepted
206489SourceCodester Guest Management System front.php sql injectionVulDBVulDB08/16/202208/16/202209/17/2022CVE-2022-284743762
accepted
206488Calendar Event Multi View Plugin cross-site request forgeryVulDBVulDB08/15/202208/16/202209/17/2022CVE-2022-284643713
accepted
206487MotoPress Timetable and Event Schedule Calendar cross site scriptingVulDBVulDB08/15/202208/16/202209/17/2022CVE-2022-284443714
accepted
206486MotoPress Timetable and Event Schedule Quick Edit admin-ajax.php cross site scriptingVulDBVulDB08/15/202208/16/202209/17/2022CVE-2022-284343712
accepted
206451SourceCodester Gym Management System login.php sql injectionVulDBVulDB08/16/202208/16/202209/11/2022CVE-2022-284243813
accepted
206401SourceCodester Simple and Nice Shopping Cart Script login.php cross site scriptingVulDBVulDB08/14/202208/14/202209/11/2022CVE-2022-281443711
accepted
206400SourceCodester Guest Management System cleartext storageVulDBVulDB08/14/202209/11/2022CVE-2022-2813
 
accepted
206398SourceCodester Guest Management System index.php sql injectionVulDBVulDB08/13/202208/14/202209/11/2022CVE-2022-281243710
accepted
206397SourceCodester Guest Management System myform.php cross site scriptingVulDBVulDB08/13/202208/14/202209/11/2022CVE-2022-281143709
accepted
206250SourceCodester Zoo Management System apply_vacancy.php unrestricted uploadVulDBVulDB08/12/202209/10/2022CVE-2022-2804
 
accepted
206249SourceCodester Zoo Management System animals.php sql injectionVulDBVulDB08/12/202208/12/202209/10/2022CVE-2022-280343540
accepted
206248SourceCodester Gas Agency Management System login.php sql injectionVulDBVulDB08/11/202208/12/202209/10/2022CVE-2022-280243467
accepted
206247SourceCodester Automated Beer Parlour Billing System Login sql injectionVulDBVulDB08/11/202208/12/202209/10/2022CVE-2022-280143468
accepted
206246SourceCodester Gym Management System clickjackingVulDBVulDB08/12/202208/12/202209/10/2022CVE-2022-280043541
accepted
206245SourceCodester Student Information System view_student.php sql injectionVulDBVulDB08/12/202208/12/202209/10/2022CVE-2022-279743539
accepted
206173SourceCodester Gas Agency Management System oneWord.php unrestricted uploadVulDBVulDB08/11/202208/11/202209/10/2022CVE-2022-277943453
accepted
206172SourceCodester Gym Management System delete_user.php denial of serviceVulDBVulDB08/11/202208/11/202209/10/2022CVE-2022-277643442
accepted
206170SourceCodester Library Management System student.php sql injectionVulDBVulDB08/10/202208/11/202209/10/2022CVE-2022-277443316
accepted
206169SourceCodester Apartment Visitor Management System profile.php cross site scriptingVulDBVulDB08/11/202209/10/2022CVE-2022-2773
 
accepted
206168 | SourceCodester Apartment Visitor Management System action-visitor.php sql injection | VulDB | VulDB | 08/10/2022 | 08/11/2022 | 09/10/2022 | CVE-2022-2772 | 43328 | accepted
206167 | SourceCodester Simple Online Book Store System bookPerPub.php sql injection | VulDB | VulDB | 08/10/2022 | 08/11/2022 | 09/10/2022 | CVE-2022-2771 | 43320 | accepted
206166 | SourceCodester Simple Online Book Store System book.php sql injection | VulDB | VulDB | 08/10/2022 | 08/11/2022 | 09/10/2022 | CVE-2022-2770 | 43319 | accepted
206165 | SourceCodester Company Website CMS contact cross site scripting | VulDB | VulDB | 08/10/2022 | 08/11/2022 | 09/10/2022 | CVE-2022-2769 | 43294 | accepted
206164 | SourceCodester Library Management System cross site scripting | VulDB | VulDB | 08/10/2022 | 08/11/2022 | 09/10/2022 | CVE-2022-2768 | 43299 | accepted
206163 | SourceCodester Online Admission System index.php cross site scripting | VulDB | VulDB | 08/10/2022 | 08/11/2022 | 09/10/2022 | CVE-2022-2767 | 43298 | accepted
206162 | SourceCodester Loan Management System index.php sql injection | VulDB | VulDB | 08/10/2022 | 08/11/2022 | 09/10/2022 | CVE-2022-2766 | 43296 | accepted
206161 | SourceCodester Company Website CMS settings improper authentication | VulDB | VulDB | 08/10/2022 | 08/11/2022 | 09/10/2022 | CVE-2022-2765 | 43293 | accepted
206024 | SourceCodester Company Website CMS add-portfolio.php unrestricted upload | VulDB | VulDB | 08/09/2022 | 08/10/2022 | 09/04/2022 | CVE-2022-2751 | 43178 | accepted
206022 | SourceCodester Company Website CMS Add Service add-service.php unrestricted upload | VulDB | VulDB | 08/09/2022 | 08/10/2022 | 09/04/2022 | CVE-2022-2750 | 43179 | accepted
206017 | SourceCodester Gym Management System unrestricted upload | VulDB | VulDB | 08/10/2022 | 08/10/2022 | 09/04/2022 | CVE-2022-2749 | 43290 | accepted
206016 | SourceCodester Simple Online Book Store System edit.php cross site scripting | VulDB | VulDB | 08/10/2022 | 08/10/2022 | 09/04/2022 | CVE-2022-2748 | 43182 | accepted
206015 | SourceCodester Simple Online Book Store book.php sql injection | VulDB | VulDB | | 08/10/2022 | 09/04/2022 | CVE-2022-2747 | | accepted
206014 | SourceCodester Simple Online Book Store System Admin_add.php unrestricted upload | VulDB | VulDB | 08/10/2022 | 08/10/2022 | 09/12/2022 | CVE-2022-2746 | 43287 | accepted
206013 | SourceCodester Gym Management System Add New Trainer add_trainers.php sql injection | VulDB | VulDB | 08/10/2022 | 08/10/2022 | 09/04/2022 | CVE-2022-2745 | 43289 | accepted
206012 | SourceCodester Gym Management System Background Management add_exercises.php unrestricted upload | VulDB | VulDB | 08/10/2022 | 08/10/2022 | 09/04/2022 | CVE-2022-2744 | 43288 | accepted
205882 | SourceCodester Company Website CMS Add Blog add-blog.php unrestricted upload | VulDB | VulDB | 08/09/2022 | 08/09/2022 | 08/31/2022 | CVE-2022-2740 | 43177 | accepted
205881 | SourceCodester Company Website CMS Background Upload Logo Icon updatelogo.php unrestricted upload | VulDB | VulDB | 08/09/2022 | 08/09/2022 | 08/31/2022 | CVE-2022-2736 | 43168 | accepted
205856 | SourceCodester Gym Management System index.php sql injection | VulDB | VulDB | | 08/09/2022 | 08/31/2022 | CVE-2022-2728 | | accepted
205855 | SourceCodester Gym Management System login.php sql injection | VulDB | VulDB | 08/09/2022 | 08/09/2022 | 08/31/2022 | CVE-2022-2727 | 43157 | accepted
205839 | SEMCMS Ant_Check.php sql injection | VulDB | VulDB | 08/08/2022 | 08/09/2022 | 08/31/2022 | CVE-2022-2726 | 43093 | accepted
205838 | SourceCodester Company Website CMS add-blog.php cross site scripting | VulDB | VulDB | 08/08/2022 | 08/09/2022 | 08/31/2022 | CVE-2022-2725 | 43143 | accepted
205837 | SourceCodester Employee Management System aprocess.php sql injection | VulDB | VulDB | 08/08/2022 | 08/09/2022 | 09/03/2022 | CVE-2022-2724 | 43097 | accepted
205836 | SourceCodester Employee Management System eprocess.php sql injection | VulDB | VulDB | 08/08/2022 | 08/09/2022 | 08/31/2022 | CVE-2022-2723 | 43096 | accepted
205835 | SourceCodester Simple Student Information System manage_course.php sql injection | VulDB | VulDB | 08/08/2022 | 08/09/2022 | 08/31/2022 | CVE-2022-2722 | 43095 | accepted
205834 | SourceCodester Employee Management System eloginwel.php sql injection | VulDB | VulDB | 08/08/2022 | 08/08/2022 | 08/31/2022 | CVE-2022-2715 | 43098 | accepted
205833 | SourceCodester Gym Management System login.php sql injection | VulDB | VulDB | 08/08/2022 | 08/08/2022 | 08/31/2022 | CVE-2022-2708 | 43092 | accepted
205831 | SourceCodester Online Class and Exam Scheduling System faculty_sched.php sql injection | VulDB | VulDB | | 08/07/2022 | 08/31/2022 | CVE-2022-2707 | | accepted
205830 | SourceCodester Online Class and Exam Scheduling System class_sched.php sql injection | VulDB | VulDB | 08/07/2022 | 08/07/2022 | 08/31/2022 | CVE-2022-2706 | 43088 | accepted
205829 | SourceCodester Simple Student Information System manage_department.php sql injection | VulDB | VulDB | 08/07/2022 | 08/07/2022 | 08/31/2022 | CVE-2022-2705 | 43090 | accepted
205828 | SourceCodester Simple E-Learning System downloadFiles.php information disclosure | VulDB | VulDB | 08/07/2022 | 08/07/2022 | 08/31/2022 | CVE-2022-2704 | 43089 | accepted
205827 | SourceCodester Gym Management System Exercises Module sql injection | VulDB | VulDB | 08/07/2022 | 08/07/2022 | 08/31/2022 | CVE-2022-2703 | 43087 | accepted
205826 | SourceCodester Company Website CMS Cookie site-settings.php access control | VulDB | VulDB | 08/06/2022 | 08/07/2022 | 08/31/2022 | CVE-2022-2702 | 43071 | accepted
205822 | SourceCodester Simple E-Learning System claire_blake cross site scripting | VulDB | VulDB | 08/07/2022 | 08/07/2022 | 09/03/2022 | CVE-2022-2701 | 43085 | accepted
205821 | SourceCodester Gym Management System GET Parameter sql injection | VulDB | VulDB | 08/07/2022 | 08/07/2022 | 08/31/2022 | CVE-2022-2700 | 43086 | accepted
205820 | SourceCodester Simple E-Learning System claire_blake sql injection | VulDB | VulDB | 08/07/2022 | 08/07/2022 | 09/03/2022 | CVE-2022-2699 | 43084 | accepted
205819 | SourceCodester Simple E-Learning System search.php sql injection | VulDB | VulDB | 08/07/2022 | 08/07/2022 | 08/31/2022 | CVE-2022-2698 | 43082 | accepted
205818 | SourceCodester Simple E-Learning System comment_frame.php sql injection | VulDB | VulDB | 08/07/2022 | 08/07/2022 | 08/31/2022 | CVE-2022-2697 | 43083 | accepted
205817 | SourceCodester Company Website CMS unrestricted upload | VulDB | VulDB | 08/06/2022 | 08/06/2022 | 08/31/2022 | CVE-2022-2694 | 43068 | accepted
205816 | SourceCodester Electronic Medical Records System UPDATE Statement register.php sql injection | VulDB | VulDB | 08/06/2022 | 08/06/2022 | 08/31/2022 | CVE-2022-2693 | 43067 | accepted
205815 | SourceCodester Wedding Hall Booking System Staff User Profile cross site scripting | VulDB | VulDB | | 08/06/2022 | 08/31/2022 | CVE-2022-2692 | | accepted
205814 | SourceCodester Wedding Hall Booking System Profile Page cross site scripting | VulDB | VulDB | | 08/06/2022 | 08/31/2022 | CVE-2022-2691 | | accepted
205813 | SourceCodester Wedding Hall Booking System Booking Form cross site scripting | VulDB | VulDB | | 08/06/2022 | 08/31/2022 | CVE-2022-2690 | | accepted
205812 | SourceCodester Wedding Hall Booking System Contact Page cross site scripting | VulDB | VulDB | 08/06/2022 | 08/06/2022 | 08/31/2022 | CVE-2022-2689 | 43066 | accepted
205811 | SourceCodester Expense Management System POST Parameter report.php fetch_report_credit sql injection | VulDB | VulDB | 08/06/2022 | 08/06/2022 | 08/31/2022 | CVE-2022-2688 | 43065 | accepted
205734 | SourceCodester Gym Management System login.php sql injection | VulDB | VulDB | 08/06/2022 | 08/06/2022 | 08/31/2022 | CVE-2022-2687 | 43064 | accepted
205725 | oretnom23 Fast Food Ordering System Menu List Page cross site scripting | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/31/2022 | CVE-2022-2686 | 42997 | accepted
205673 | SourceCodester Interview Management System addQuestion.php cross site scripting | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2685 | 42905 | accepted
205672 | SourceCodester Apartment Visitor Management System manage-apartment.php cross site scripting | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2684 | 42903 | accepted
205671 | SourceCodester Simple Food Ordering System login.php cross site scripting | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2683 | 42899 | accepted
205670 | SourceCodester Alphaware Simple E-Commerce System stockin.php cross site scripting | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2682 | 42900 | accepted
205669 | SourceCodester Online Student Admission System Student User Page edit-profile.php cross site scripting | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2681 | 42898 | accepted
205668 | SourceCodester Church Management System login.php sql injection | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2680 | 42996 | accepted
205667 | SourceCodester Interview Management System viewReport.php sql injection | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2679 | 42904 | accepted
205666 | SourceCodester Alphaware Simple E-Commerce System Background Management Page admin_feature.php unrestricted upload | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2678 | 42902 | accepted
205665 | SourceCodester Apartment Visitor Management System index.php sql injection | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2677 | 42901 | accepted
205664 | SourceCodester Electronic Medical Records System POST Request sql injection | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2676 | 42892 | accepted
205658 | SourceCodester Best Fee Management System admin_class.php login sql injection | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2674 | 42881 | accepted
205657 | Rigatur Online Booking and Hotel Management System POST Request login.php sql injection | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2673 | 42880 | accepted
205656 | SourceCodester Garage Management System createUser.php sql injection | VulDB | VulDB | | 08/05/2022 | 08/30/2022 | CVE-2022-2672 | | accepted
205655 | SourceCodester Garage Management System removeUser.php sql injection | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2671 | 42879 | accepted
205619 | SourceCodester Loan Management System delete_lplan.php sql injection | VulDB | VulDB | | 08/05/2022 | 08/30/2022 | CVE-2022-2667 | | accepted
205618 | SourceCodester Loan Management System login.php sql injection | VulDB | VulDB | 08/04/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2666 | 42831 | accepted
205615 | SourceCodester Simple E-Learning System classroom.php sql injection | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2665 | 42876 | accepted
205614 | Private Cloud Management Platform POST Request global_config_query improper authentication | VulDB | VulDB | 08/05/2022 | 08/05/2022 | 08/30/2022 | CVE-2022-2664 | 42872 | accepted
205596 | SourceCodester Multi Language Hotel Management Software sql injection | VulDB | VulDB | 08/04/2022 | 08/04/2022 | 08/30/2022 | CVE-2022-2656 | 42812 | accepted
205595 | SourceCodester Multi Language Hotel Management Software sql injection | VulDB | VulDB | 08/04/2022 | 08/04/2022 | 08/30/2022 | CVE-2022-2648 | 42811 | accepted
205594 | jeecg-boot unrestricted upload | VulDB | VulDB | 08/04/2022 | 08/04/2022 | 08/30/2022 | CVE-2022-2647 | 42810 | accepted
205573 | SourceCodester Garage Management System edituser.php cross site scripting | VulDB | VulDB | 08/03/2022 | 08/04/2022 | 08/30/2022 | CVE-2022-2645 | 42784 | accepted
205572 | SourceCodester Online Admission System index.php cross site scripting | VulDB | VulDB | 08/04/2022 | 08/04/2022 | 08/30/2022 | CVE-2022-2646 | 42809 | accepted
205565 | SourceCodester Online Admission System GET Parameter sql injection | VulDB | VulDB | | 08/04/2022 | 08/30/2022 | CVE-2022-2644 | | accepted
205564 | SourceCodester Online Admission System POST Parameter sql injection | VulDB | VulDB | 08/04/2022 | 08/04/2022 | 08/30/2022 | CVE-2022-2643 | 42807 | accepted
205344 | TEM FLEX-1085 reboot denial of service | VulDB | VulDB | 07/31/2022 | 07/31/2022 | 08/29/2022 | CVE-2022-2591 | 42578 | accepted
205302 | SourceCodester Garage Management System createUser.php cross site scripting | VulDB | VulDB | 07/29/2022 | 07/29/2022 | 08/28/2022 | CVE-2022-2579 | 42536 | accepted
205301 | SourceCodester Garage Management System createUser.php access control | VulDB | VulDB | 07/29/2022 | 07/29/2022 | 08/28/2022 | CVE-2022-2578 | 42537 | accepted
205300 | SourceCodester Garage Management System edituser.php sql injection | VulDB | VulDB | 07/29/2022 | 07/29/2022 | 08/28/2022 | CVE-2022-2577 | 42535 | accepted
204575 | SourceCodester Library Management System index.php sql injection | VulDB | VulDB | 07/20/2022 | 07/20/2022 | 08/15/2022 | CVE-2022-2492 | 41841 | accepted
204574 | SourceCodester Library Management System lab.php sql injection | VulDB | VulDB | 07/20/2022 | 07/20/2022 | 08/30/2022 | CVE-2022-2491 | 41840 | accepted
204552 | SourceCodester Simple E-Learning System search.php sql injection | VulDB | VulDB | 07/20/2022 | 07/20/2022 | 08/15/2022 | CVE-2022-2490 | 41839 | accepted
204551 | SourceCodester Simple E-Learning System classRoom.php sql injection | VulDB | VulDB | 07/20/2022 | 07/20/2022 | 08/15/2022 | CVE-2022-2489 | 41838 | accepted
204539 | WAVLINK WN535K2/WN535K3 touchlist_sync.cgi os command injection | VulDB | VulDB | 07/20/2022 | 07/20/2022 | 08/15/2022 | CVE-2022-2488 | 41746 | accepted
204538 | WAVLINK WN535K2/WN535K3 nightled.cgi os command injection | VulDB | VulDB | 07/20/2022 | 07/20/2022 | 08/15/2022 | CVE-2022-2487 | 41745 | accepted
204537 | WAVLINK WN535K2/WN535K3 os command injection | VulDB | VulDB | 07/20/2022 | 07/20/2022 | 08/15/2022 | CVE-2022-2486 | 41744 | accepted
204161 | SourceCodester Garage Management System editbrand.php sql injection | VulDB | VulDB | | 07/19/2022 | 08/06/2022 | CVE-2022-2468 | | accepted
204160 | SourceCodester Garage Management System login.php sql injection | VulDB | VulDB | 07/19/2022 | 07/19/2022 | 08/06/2022 | CVE-2022-2467 | 41682 | accepted
203903 | URVE Web Manager uploader.php unrestricted upload | VulDB | VulDB | 07/15/2022 | 07/15/2022 | 07/31/2022 | CVE-2022-2420 | 41410 | accepted
203902 | URVE Web Manager upload.php unrestricted upload | VulDB | VulDB | 07/15/2022 | 07/15/2022 | 07/31/2022 | CVE-2022-2419 | 41409 | accepted
203901 | URVE Web Manager img_upload.php unrestricted upload | VulDB | VulDB | 07/15/2022 | 07/15/2022 | 07/31/2022 | CVE-2022-2418 | 41408 | accepted
203779 | SourceCodester Simple e-Learning System claire_blake cross site scripting | VulDB | VulDB | 07/13/2022 | 07/13/2022 | 07/23/2022 | CVE-2022-2396 | 41291 | accepted
203421 | SourceCodester Simple Parking Management System category cross site scripting | VulDB | VulDB | 07/10/2022 | 07/10/2022 | 07/20/2022 | CVE-2022-2364 | 40794 | accepted
203420 | SourceCodester Simple Parking Management System cross site scripting | VulDB | VulDB | 07/10/2022 | 07/10/2022 | 07/20/2022 | CVE-2022-2363 | 40793 | accepted
203179 | SourceCodester Clinics Patient Management System Login Page index.php sql injection | VulDB | VulDB | 07/04/2022 | 07/04/2022 | 07/18/2022 | CVE-2022-2298 | 40499 | accepted
203178 | SourceCodester Clinics Patient Management System unrestricted upload | VulDB | VulDB | 07/04/2022 | 07/04/2022 | 07/18/2022 | CVE-2022-2297 | 40500 | accepted
203167 | SourceCodester Simple Sales Management System create cross site scripting | VulDB | VulDB | 07/03/2022 | 07/03/2022 | 07/18/2022 | CVE-2022-2293 | 40495 | accepted
203166 | SourceCodester Hotel Management System Room Edit Page 1 cross site scripting | VulDB | VulDB | 07/03/2022 | 07/03/2022 | 07/18/2022 | CVE-2022-2292 | 40494 | accepted
203165 | SourceCodester Hotel Management System Search search cross site scripting | VulDB | VulDB | 07/03/2022 | 07/03/2022 | 07/18/2022 | CVE-2022-2291 | 40493 | accepted
202982 | Online Hotel Booking System Room edit_room_cat.php sql injection | VulDB | VulDB | 06/30/2022 | 06/30/2022 | 07/17/2022 | CVE-2022-2263 | 40278 | accepted
202981 | Online Hotel Booking System Room edit_all_room.php sql injection | VulDB | VulDB | 06/30/2022 | 06/30/2022 | 07/17/2022 | CVE-2022-2262 | 40277 | accepted
202760 | SourceCodester Library Management System bookdetails.php sql injection | VulDB | VulDB | 06/27/2022 | 06/27/2022 | 07/15/2022 | CVE-2022-2214 | 40028 | accepted
202759 | SourceCodester Library Management System cross site scripting | VulDB | VulDB | 06/27/2022 | 06/27/2022 | 07/15/2022 | CVE-2022-2213 | 40027 | accepted
202758 | SourceCodester Library Management System /card/index.php unrestricted upload | VulDB | VulDB | 06/27/2022 | 06/27/2022 | 07/15/2022 | CVE-2022-2212 | 40026 | accepted
202035 | SourceCodester Bank Management System cross site scripting | VulDB | VulDB | 06/15/2022 | 06/15/2022 | 06/17/2022 | CVE-2022-2087 | 39153 | accepted
202034 | SourceCodester Bank Management System login.php sql injection | VulDB | VulDB | 06/15/2022 | 06/15/2022 | 06/17/2022 | CVE-2022-2086 | 39146 | accepted
201960 | FileCloud NTFS access control | VulDB | VulDB | | 06/15/2022 | 06/17/2022 | CVE-2022-1958 | | accepted
201368 | SourceCodester Prison Management System System Name cross site scripting | VulDB | VulDB | 06/07/2022 | 06/07/2022 | 06/10/2022 | CVE-2022-2020 | 38473 | accepted
201367 | SourceCodester Prison Management System New User Creation improper authorization | VulDB | VulDB | 06/07/2022 | 06/07/2022 | 06/10/2022 | CVE-2022-2019 | 38474 | accepted
201366 | SourceCodester Prison Management System Inmate sql injection | VulDB | VulDB | 06/07/2022 | 06/07/2022 | 06/10/2022 | CVE-2022-2018 | 38471 | accepted
201365 | SourceCodester Prison Management System Visit view_visit.php sql injection | VulDB | VulDB | 06/07/2022 | 06/07/2022 | 06/10/2022 | CVE-2022-2017 | 38472 | accepted
201276 | Fast Food Ordering System Master List Master.php cross site scripting | VulDB | VulDB | 06/03/2022 | 06/03/2022 | 06/08/2022 | CVE-2022-1991 | 38350 | accepted
200951 | SourceCodester Product Show Room Site cross site scripting | VulDB | VulDB | 06/02/2022 | 06/02/2022 | 06/04/2022 | CVE-2022-1980 | 38056 | accepted
200950 | SourceCodester Product Show Room Site p=contact cross site scripting | VulDB | VulDB | 06/02/2022 | 06/02/2022 | 06/04/2022 | CVE-2022-1979 | 38055 | accepted
200586 | Student Information System Student Roll Module cross site scripting | VulDB | VulDB | 05/24/2022 | 05/24/2022 | 05/29/2022 | CVE-2022-1819 | 37668 | accepted
200585 | Home Clean Services Management System cross site scripting | VulDB | VulDB | 05/24/2022 | 05/24/2022 | 05/29/2022 | CVE-2022-1840 | 37667 | accepted
200584 | Home Clean Services Management System login.php sql injection | VulDB | VulDB | 05/24/2022 | 05/24/2022 | 05/29/2022 | CVE-2022-1839 | 37666 | accepted
200583 | Home Clean Services Management System login.php sql injection | VulDB | VulDB | 05/24/2022 | 05/24/2022 | 05/29/2022 | CVE-2022-1838 | 37665 | accepted
200582 | Home Clean Services Management System unrestricted upload | VulDB | VulDB | 05/24/2022 | 05/24/2022 | 05/29/2022 | CVE-2022-1837 | 37664 | accepted
200559 | Badminton Center Management System Userlist Module cross site scripting | VulDB | VulDB | 05/23/2022 | 05/23/2022 | 05/29/2022 | CVE-2022-1817 | 37615 | accepted
200558 | Zoo Management System Content Module cross site scripting | VulDB | VulDB | 05/23/2022 | 05/23/2022 | 05/29/2022 | CVE-2022-1816 | 37613 | accepted
199974 | WoWonder Group requests.php access control | VulDB | VulDB | 05/17/2022 | 05/17/2022 | 05/18/2022 | CVE-2022-1753 | 37238 | accepted
199060 | Bludit New Content Module new-content cross site scripting | VulDB | VulDB | 05/05/2022 | 05/05/2022 | 05/07/2022 | CVE-2022-1590 | 36262 | accepted
198706 | automad Dashboard cross site scripting | VulDB | VulDB | 04/29/2022 | 04/29/2022 | 05/04/2022 | CVE-2022-1536 | 35906 | accepted
198705 | Emlog Pro POST Parameter cross site scripting | VulDB | VulDB | 04/29/2022 | 04/29/2022 | 05/04/2022 | CVE-2022-1526 | 35905 | accepted
198542 | GetSimple CMS Content Module edit.php cross site scripting | VulDB | VulDB | 04/27/2022 | 04/27/2022 | 04/30/2022 | CVE-2022-1503 | 35785 | accepted
197290 | GhostPCL gsmchunk.c chunk_free_object memory corruption | VulDB | VulDB | 04/14/2022 | 04/14/2022 | 04/19/2022 | CVE-2022-1350 | 34855 | accepted
196755 | tildearrow Furnace Incomplete Fix CVE-2022-1211 denial of service | VulDB | VulDB | | 04/10/2022 | 04/13/2022 | CVE-2022-1289 | | accepted
196751 | School Club Application System cross site scripting | VulDB | VulDB | 04/09/2022 | 04/09/2022 | 04/13/2022 | CVE-2022-1288 | 34400 | accepted
196750 | School Club Application System resource injection | VulDB | VulDB | 04/09/2022 | 04/09/2022 | 04/13/2022 | CVE-2022-1287 | 34399 | accepted
196550 | SAP Information System POST Request add_admin.php improper authentication | VulDB | VulDB | 04/05/2022 | 04/06/2022 | 04/08/2022 | CVE-2022-1248 | 34203 | accepted
196371 | tildearrow Furnace FUR to VGM Converter stack-based overflow | VulDB | VulDB | 04/03/2022 | 04/03/2022 | 04/10/2022 | CVE-2022-1211 | 33969 | accepted
196363 | LibTIFF tiff2ps resource consumption | VulDB | VulDB | 04/03/2022 | 04/03/2022 | 04/05/2022 | CVE-2022-1210 | 33966 | accepted
195786 | SourceCodester Royale Event Management System companyprofile.php cross site scripting | VulDB | VulDB | 03/25/2022 | 03/26/2022 | 03/27/2022 | CVE-2022-1102 | 33376 | accepted
195785 | SourceCodester Royale Event Management System userregister.php improper authentication | VulDB | VulDB | 03/25/2022 | 03/26/2022 | 03/27/2022 | CVE-2022-1101 | 33375 | accepted
195643 | SourceCodester One Church Management System Session userregister.php improper authentication | VulDB | VulDB | 03/23/2022 | 03/24/2022 | 03/25/2022 | CVE-2022-1084 | 33217 | accepted
195642 | Microfinance Management System sql injection | VulDB | VulDB | 03/23/2022 | 03/24/2022 | 03/29/2022 | CVE-2022-1083 | 33221 | accepted
195641 | SourceCodester Microfinance Management System Login Page login.php sql injection | VulDB | VulDB | 03/23/2022 | 03/24/2022 | 03/29/2022 | CVE-2022-1082 | 33220 | accepted
195640 | SourceCodester Microfinance Management System addcustomerHandler.php cross site scripting | VulDB | VulDB | 03/23/2022 | 03/24/2022 | 03/29/2022 | CVE-2022-1081 | 33222 | accepted
195442 | SourceCodester One Church Management System attendancy.php sql injection | VulDB | VulDB | 03/18/2022 | 03/18/2022 | 03/25/2022 | CVE-2022-1080 | 32959 | accepted
195426 | SourceCodester One Church Management System churchprofile.php cross site scripting | VulDB | VulDB | 03/18/2022 | 03/18/2022 | 03/29/2022 | CVE-2022-1079 | 32947 | accepted
195368 | DolphinPHP User Management Page cross site scripting | VulDB | VulDB | 03/17/2022 | 03/17/2022 | 03/25/2022 | CVE-2022-1086 | 32889 | accepted
195203 | htmly Edit Profile Module cross site scripting | VulDB | VulDB | 03/16/2022 | 03/16/2022 | 03/25/2022 | CVE-2022-1087 | 32739 | accepted
194857 | CLTPHP POST Parameter cross site scripting | VulDB | VulDB | 03/14/2022 | 03/14/2022 | 03/25/2022 | CVE-2022-1085 | 32547 | accepted
194856 | SourceCodester College Website Management System sql injection | VulDB | VulDB | 03/13/2022 | 03/14/2022 | 03/29/2022 | CVE-2022-1078 | 32536 | accepted
194848 | TEM FLEX-1080/FLEX-1085 Log log.cgi information disclosure | VulDB | VulDB | 03/13/2022 | 03/14/2022 | 03/29/2022 | CVE-2022-1077 | 32537 | accepted
194847 | Automatic Question Paper Generator System My Account Page login.php cross site scripting | VulDB | VulDB | 03/13/2022 | 03/14/2022 | 03/25/2022 | CVE-2022-1076 | 32538 | accepted
194846 | College Website Management System Contact cross site scripting | VulDB | VulDB | 03/13/2022 | 03/13/2022 | 03/29/2022 | CVE-2022-1075 | 32539 | accepted
194845 | TEM FLEX-1085 injection | VulDB | VulDB | 03/05/2022 | 03/13/2022 | 03/25/2022 | CVE-2022-1074 | 31976 | accepted
194839 | Automatic Question Paper Generator password recovery | VulDB | VulDB | 03/05/2022 | 03/13/2022 | 03/25/2022 | CVE-2022-1073 | 31977 | accepted
192029 | Microsoft Office 365 Conditional Access Policy access control | VulDB | Microsoft | | 02/01/2022 | 06/15/2022 | CVE-2022-2077 | | accepted
192028 | Microsoft Office 365 session expiration | VulDB | Microsoft | | 02/01/2022 | 06/15/2022 | CVE-2022-2076 | | accepted
