Export limit exceeded: 80142 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80142 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-27365 | 1 Chshcms | 1 Cscms | 2024-11-21 | 7.2 High |
| Cscms Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via the component dance_Dance.php_del. | ||||
| CVE-2022-27352 | 1 Simple House Rental System Project | 1 Simple House Rental System | 2024-11-21 | 8.8 High |
| Simple House Rental System v1 was discovered to contain an arbitrary file upload vulnerability via /app/register.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | ||||
| CVE-2022-27349 | 1 Socialcodia | 1 Social Codia Sms | 2024-11-21 | 7.2 High |
| Social Codia SMS v1 was discovered to contain an arbitrary file upload vulnerability via addteacher.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | ||||
| CVE-2022-27346 | 1 Ecommerce-website Project | 1 Ecommerce-website | 2024-11-21 | 8.8 High |
| Ecommece-Website v1.1.0 was discovered to contain an arbitrary file upload vulnerability via /admin/index.php?slides. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. | ||||
| CVE-2022-27340 | 1 Mingsoft | 1 Mcms | 2024-11-21 | 8.8 High |
| MCMS v5.2.7 contains a Cross-Site Request Forgery (CSRF) via /role/saveOrUpdateRole.do. This vulnerability allows attackers to escalate privileges and modify data. | ||||
| CVE-2022-27313 | 1 Gitea | 1 Gitea | 2024-11-21 | 7.5 High |
| An arbitrary file deletion vulnerability in Gitea v1.16.3 allows attackers to cause a Denial of Service (DoS) via deleting the configuration file. | ||||
| CVE-2022-27305 | 1 Gibbonedu | 1 Gibbon | 2024-11-21 | 8.8 High |
| Gibbon v23 does not generate a new session ID cookie after a user authenticates, making the application vulnerable to session fixation. | ||||
| CVE-2022-27295 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-11-21 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formAdvanceSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter. | ||||
| CVE-2022-27294 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-11-21 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanWizardSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter. | ||||
| CVE-2022-27293 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-11-21 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter. | ||||
| CVE-2022-27292 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-11-21 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formLanguageChange. This vulnerability allows attackers to cause a Denial of Service (DoS) via the nextPage parameter. | ||||
| CVE-2022-27291 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-11-21 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formdumpeasysetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the config.save_network_enabled parameter. | ||||
| CVE-2022-27290 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-11-21 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanDhcpplus. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter. | ||||
| CVE-2022-27289 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-11-21 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanL2TP. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter. | ||||
| CVE-2022-27288 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2024-11-21 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanPPTP. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter. | ||||
| CVE-2022-27287 | 1 Dlink | 2 Dir-619 Ax, Dir-619 Ax Firmware | 2024-11-21 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanPPPoE. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter. | ||||
| CVE-2022-27286 | 1 Dlink | 2 Dir-619 Ax, Dir-619 Ax Firmware | 2024-11-21 | 7.5 High |
| D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanNonLogin. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter. | ||||
| CVE-2022-27279 | 1 Inhandnetworks | 2 Inrouter 900, Inrouter 900 Firmware | 2024-11-21 | 7.5 High |
| InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain an arbitrary file read via the function sub_177E0. | ||||
| CVE-2022-27261 | 1 Express-fileupload Project | 1 Express-fileupload | 2024-11-21 | 7.5 High |
| An arbitrary file write vulnerability in Express-FileUpload v1.3.1 allows attackers to upload multiple files with the same name, causing an overwrite of files in the web application server. | ||||
| CVE-2022-27257 | 1 Hubzilla | 1 Hubzilla | 2024-11-21 | 7.5 High |
| A PHP Local File Inclusion vulneraility in the default Redbasic theme for Hubzilla before version 7.2 allows remote attackers to include arbitrary php files via the schema parameter. | ||||