Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-41446 | 1 Record Management System Project | 1 Record Management System | 2022-11-28 | N/A | 5.4 MEDIUM |
| An access control issue in /Admin/dashboard.php of Record Management System using CodeIgniter v1.0 allows attackers to access and modify user data. | |||||
| CVE-2022-45363 | 1 Muffingroup | 1 Betheme | 2022-11-28 | N/A | 5.4 MEDIUM |
| Auth. (subscriber+) Stored Cross-Site Scripting (XSS) in Muffingroup Betheme theme <= 26.6.1 on WordPress. | |||||
| CVE-2022-44860 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2022-11-28 | N/A | 7.2 HIGH |
| Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/transactions/update_status.php. | |||||
| CVE-2022-44858 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2022-11-28 | N/A | 7.2 HIGH |
| Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/products/view_product.php. | |||||
| CVE-2022-44859 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2022-11-28 | N/A | 7.2 HIGH |
| Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /asms/admin/products/manage_product.php. | |||||
| CVE-2022-44118 | 1 Dedebiz | 1 Dedecmsv6 | 2022-11-28 | N/A | 9.8 CRITICAL |
| dedecmdv6 v6.1.9 is vulnerable to Remote Code Execution (RCE) via file_manage_control.php. | |||||
| CVE-2022-43213 | 1 Billing System Project Project | 1 Billing System Project | 2022-11-28 | N/A | 9.8 CRITICAL |
| Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at editorder.php. | |||||
| CVE-2022-45207 | 1 Jeecg | 1 Jeecg Boot | 2022-11-28 | N/A | 9.8 CRITICAL |
| Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component updateNullByEmptyString. | |||||
| CVE-2022-45206 | 1 Jeecg | 1 Jeecg Boot | 2022-11-28 | N/A | 9.8 CRITICAL |
| Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/duplicate/check. | |||||
| CVE-2022-45205 | 1 Jeecg | 1 Jeecg Boot | 2022-11-28 | N/A | 5.3 MEDIUM |
| Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData. | |||||
| CVE-2022-45210 | 1 Jeecg | 1 Jeecg Boot | 2022-11-28 | N/A | 4.3 MEDIUM |
| Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/deleteRecycleBin. | |||||
| CVE-2022-45208 | 1 Jeecg | 1 Jeecg Boot | 2022-11-28 | N/A | 4.3 MEDIUM |
| Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/putRecycleBin. | |||||
| CVE-2022-44140 | 1 Jizhicms | 1 Jizhicms | 2022-11-28 | N/A | 8.8 HIGH |
| Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /Member/memberedit.html component. | |||||
| CVE-2021-29334 | 1 Jizhicms | 1 Jizhicms | 2022-11-28 | N/A | 8.8 HIGH |
| An issue was discovered in JIZHI CMS 1.9.4. There is a CSRF vulnerability that can add an admin account via index, /admin.php/Admin/adminadd.html | |||||
| CVE-2022-44120 | 1 Dedebiz | 1 Dedecmsv6 | 2022-11-28 | N/A | 9.8 CRITICAL |
| dedecmdv6 6.1.9 is vulnerable to SQL Injection. via sys_sql_query.php. | |||||
| CVE-2022-43196 | 1 Dedebiz | 1 Dedecmsv6 | 2022-11-28 | N/A | 9.1 CRITICAL |
| dedecmdv6 v6.1.9 is vulnerable to Arbitrary file deletion via file_manage_control.php. | |||||
| CVE-2022-45276 | 1 Eyunjing | 1 Yjcms | 2022-11-28 | N/A | 9.8 CRITICAL |
| An issue in the /index/user/user_edit.html component of YJCMS v1.0.9 allows unauthenticated attackers to obtain the Administrator account password. | |||||
| CVE-2022-45280 | 1 Eyoucms | 1 Eyoucms | 2022-11-28 | N/A | 5.4 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the Url parameter in /login.php of EyouCMS v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | |||||
| CVE-2022-45278 | 1 Jizhicms | 1 Jizhicms | 2022-11-28 | N/A | 8.8 HIGH |
| Jizhicms v2.3.3 was discovered to contain a SQL injection vulnerability via the /index.php/admins/Fields/get_fields.html component. | |||||
| CVE-2022-44117 | 1 Boa | 1 Boa | 2022-11-28 | N/A | 9.8 CRITICAL |
| Boa 0.94.14rc21 is vulnerable to SQL Injection via username. | |||||