CVE-2022-40673

KDiskMark before 3.1.0 lacks authorization checking for D-Bus methods such as Helper::flushPageCache.Read More ...

Continue Reading
CVE-2022-36669

Hospital Information System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.Read More ...

Continue Reading
CVE-2022-37137

PayMoney 3.3 is vulnerable to Stored Cross-Site Scripting (XSS) during replying the ticket. The XSS can be obtain from injecting under "Message" field with "description" parameter with the specially c ...

Continue Reading
CVE-2022-37138

Loan Management System 1.0 is vulnerable to SQL Injection at the login page, which allows unauthorized users to login as Administrator after injecting username form.Read More ...

Continue Reading
CVE-2022-37139

Loan Management System version 1.0 suffers from a persistent cross site scripting vulnerability.Read More ...

Continue Reading
CVE-2022-37140

PayMoney 3.3 is vulnerable to Client Side Remote Code Execution (RCE). The vulnerability exists on the reply ticket function and upload the malicious file. A calculator will open when the victim who d ...

Continue Reading
CVE-2022-40626

An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, ...

Continue Reading
CVE-2022-2977

This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...

Continue Reading

Back to Main

Subscribe for the latest news: