CVE-2022-40878

In Exam Reviewer Management System 1.0, an authenticated attacker can upload a web-shell php file in profile page to achieve Remote Code Execution (RCE).Read More ...

Continue Reading

September 27, 2022

CVE-2022-40877

Exam Reviewer Management System 1.0 is vulnerable to SQL Injection via the ‘id’ parameter.Read More ...

Continue Reading

September 27, 2022

CVE-2022-40817

Zammad 5.2.1 has a fine-grained permission model that allows to configure read-only access to tickets. However, agents were still wrongly able to perform some operations on such tickets, like adding a ...

Continue Reading

September 27, 2022

CVE-2022-40816

Zammad 5.2.1 is vulnerable to Incorrect Access Control. Zammad's asset handling mechanism has logic to ensure that customer users are not able to see personal information of other users. This logic wa ...

Continue Reading

September 27, 2022

CVE-2022-40353

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/up_booking.php.Read More ...

Continue Reading

September 27, 2022

CVE-2022-40352

Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/update_traveller.php.Read More ...

Continue Reading

September 27, 2022

CVE-2022-40199

Directory traversal vulnerability in EC-CUBE 3 series (EC-CUBE 3.0.0 to 3.0.18-p4 ) and EC-CUBE 4 series (EC-CUBE 4.0.0 to 4.1.2) allows a remote authenticated attacker with an administrative privileg ...

Continue Reading

September 27, 2022

CVE-2022-38975

DOM-based cross-site scripting vulnerability in EC-CUBE 4 series (EC-CUBE 4.0.0 to 4.1.2) allows a remote attacker to inject an arbitrary script by having an administrative user of the product to visi ...

Continue Reading

September 27, 2022

1 72,984 72,985 72,986 72,987 72,988 82,847

Back to Main
Subscribe for the latest news: