CVE-2022-30490

Badminton Center Management System V1.0 is vulnerable to SQL Injection via parameter 'id' in /bcms/admin/court_rentals/update_status.php.Read More ...

Continue Reading
CVE-2022-30482

Ecommerce-project-with-php-and-mysqli-Fruits-Bazar- 1.0 is vulnerable to Cross Site Scripting (XSS) in adminadd_cata.php via the ctg_name parameters.Read More ...

Continue Reading
CVE-2022-30481

Food-order-and-table-reservation-system- 1.0 is vulnerable to SQL Injection in categorywise-menu.php via the catid parameters.Read More ...

Continue Reading
CVE-2022-30478

Ecommerce-project-with-php-and-mysqli-Fruits-Bazar 1.0 is vulnerable to SQL Injection in search_product.php via the keyword parameters.Read More ...

Continue Reading
CVE-2022-30470

In Afian Filerun 20220202 Changing the "search_tika_path" variable to a custom (and previously uploaded) jar file results in remote code execution in the context of the webserver user.Read More ...

Continue Reading
CVE-2022-30425

Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST requ ...

Continue Reading
CVE-2022-30423

Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information.Read More ...

Continue Reading
CVE-2022-30352

phpABook 0.9i is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data in the "auth_user" parameter in index.php script.Read More ...

Continue Reading

Back to Main

Subscribe for the latest news: