Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Total 210374 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-30511 1 School Dormitory Management System Project 1 School Dormitory Management System 2022-06-10 7.5 HIGH 9.8 CRITICAL
School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/view_details.php:4.
CVE-2022-30510 1 School Dormitory Management System Project 1 School Dormitory Management System 2022-06-10 7.5 HIGH 9.8 CRITICAL
School Dormitory Management System 1.0 is vulnerable to SQL Injection via reports/daily_collection_report.php:59.
CVE-2022-32020 1 Car Rental Management System Project 1 Car Rental Management System 2022-06-10 7.5 HIGH 9.8 CRITICAL
Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via ip/car-rental-management-system/admin/ajax.php?action=save_settings.
CVE-2022-32026 1 Car Rental Management System Project 1 Car Rental Management System 2022-06-10 6.5 MEDIUM 7.2 HIGH
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_booking.php?id=.
CVE-2022-32021 1 Car Rental Management System Project 1 Car Rental Management System 2022-06-10 6.5 MEDIUM 7.2 HIGH
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_movement.php?id=.
CVE-2022-32024 1 Car Rental Management System Project 1 Car Rental Management System 2022-06-10 6.5 MEDIUM 7.2 HIGH
Car Rental Management System v1.0 is vulnerable to SQL Injection via car-rental-management-system/booking.php?car_id=.
CVE-2022-32022 1 Car Rental Management System Project 1 Car Rental Management System 2022-06-10 6.5 MEDIUM 7.2 HIGH
Car Rental Management System v1.0 is vulnerable to SQL Injection via /ip/car-rental-management-system/admin/ajax.php?action=login.
CVE-2022-30503 1 Nginx 1 Njs 2022-06-10 2.1 LOW 5.5 MEDIUM
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number at src/njs_value.h.
CVE-2022-32025 1 Car Rental Management System Project 1 Car Rental Management System 2022-06-10 6.5 MEDIUM 7.2 HIGH
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/view_car.php?id=.
CVE-2022-32027 1 Car Rental Management System Project 1 Car Rental Management System 2022-06-10 6.5 MEDIUM 7.2 HIGH
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/index.php?page=manage_car&id=.
CVE-2022-32028 1 Car Rental Management System Project 1 Car Rental Management System 2022-06-10 6.5 MEDIUM 7.2 HIGH
Car Rental Management System v1.0 is vulnerable to SQL Injection via /car-rental-management-system/admin/manage_user.php?id=.
CVE-2022-30490 1 Badminton Center Management System Project 1 Badminton Center Management System 2022-06-10 7.5 HIGH 9.8 CRITICAL
Badminton Center Management System V1.0 is vulnerable to SQL Injection via parameter 'id' in /bcms/admin/court_rentals/update_status.php.
CVE-2022-24700 1 Winaprs 1 Winaprs 2022-06-10 5.0 MEDIUM 7.5 HIGH
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in WinAPRS 2.9.0. A buffer overflow in DIGI address processing for VHF KISS packets allows a remote attacker to cause a denial of service (daemon crash) via a malicious AX.25 packet over the air. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2022-24701 1 Winaprs 1 Winaprs 2022-06-10 4.6 MEDIUM 7.8 HIGH
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in WinAPRS 2.9.0. A buffer overflow in national.txt processing allows a local attacker to cause a denial of service or possibly achieve code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2022-28690 1 Hornerautomation 1 Cscape 2022-06-10 6.8 MEDIUM 7.8 HIGH
The affected product is vulnerable to an out-of-bounds write via uninitialized pointer, which may allow an attacker to execute arbitrary code.
CVE-2022-30482 1 Ecommerce-project-with-php-and-mysqli-fruits-bazar Project 1 Ecommerce-project-with-php-and-mysqli-fruits-bazar 2022-06-10 3.5 LOW 4.8 MEDIUM
Ecommerce-project-with-php-and-mysqli-Fruits-Bazar- 1.0 is vulnerable to Cross Site Scripting (XSS) in \admin\add_cata.php via the ctg_name parameters.
CVE-2022-24702 1 Winaprs 1 Winaprs 2022-06-10 7.5 HIGH 9.8 CRITICAL
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in WinAPRS 2.9.0. A buffer overflow in the VHF KISS TNC component allows a remote attacker to achieve remote code execution via malicious AX.25 packets over the air. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2022-30481 1 Food-order-and-table-reservation-system Project 1 Food-order-and-table-reservation-system 2022-06-10 7.5 HIGH 9.8 CRITICAL
Food-order-and-table-reservation-system- 1.0 is vulnerable to SQL Injection in categorywise-menu.php via the catid parameters.
CVE-2022-22361 1 Ibm 2 Business Automation Workflow, Business Process Manager 2022-06-10 4.3 MEDIUM 6.5 MEDIUM
IBM Business Automation Workflow traditional 21.0.1 through 21.0.3, 20.0.0.1 through 20.0.0.2, 19.0.0.1 through 19.0.0.3, 18.0.0.0 through 18.0.0.1, IBM Business Automation Workflow containers V21.0.1 - V21.0.3 20.0.0.1 through 20.0.0.2, IBM Business Process Manager 8.6.0.0 through 8.6.0.201803, and 8.5.0.0 through 8.5.0.201706 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVE-2022-29729 1 Verizon 2 4g Lte Network Extender, 4g Lte Network Extender Firmware 2022-06-10 5.0 MEDIUM 7.5 HIGH
Verizon 4G LTE Network Extender GA4.38 - V0.4.038.2131 utilizes a weak default admin password generation algorithm which generates passwords that are accessible to unauthenticated attackers via the webUI login page.