Skip to main content
CVE-2022-28001 CRITICAL POC Act Now

Movie Seat Reservation v1 was discovered to contain a SQL injection vulnerability at /index.php?page=reserve via the id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Movie Seat Reservation
NVD GitHub
CVSS 3.1
9.8
EPSS
1.8%
CVE-2022-27357 CRITICAL POC Act Now

Ecommerce-Website v1 was discovered to contain an arbitrary file upload vulnerability via /customer_register.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE File Upload Ecommerce Website
NVD GitHub
CVSS 3.1
9.8
EPSS
3.3%
CVE-2022-27351 CRITICAL POC Act Now

Zoo Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /public_html/apply_vacancy. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE File Upload Zoo Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
3.2%
CVE-2022-28805 CRITICAL POC PATCH Act Now

singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Buffer Overflow Information Disclosure Lua Fedora
NVD GitHub
CVSS 3.1
9.1
EPSS
2.9%
CVE-2022-26854 CRITICAL Act Now

Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain risky cryptographic algorithms. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-26852 CRITICAL Act Now

Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-27047 CRITICAL Act Now

mogu_blog_cms 5.2 suffers from upload arbitrary files without any limitation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload Mogu Blog Cms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-26851 CRITICAL Act Now

Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Powerscale Onefs
NVD
CVSS 3.1
9.1
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy