Skip to main content
CVE-2021-42872 CRITICAL POC Act Now

TOTOLINK EX1200T V4.1.2cu.5215 is affected by a command injection vulnerability that can remotely execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Ex1200t Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
8.2%
CVE-2021-42875 CRITICAL POC Act Now

TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function setDiagnosisCfg of the file lib/cste_modules/system.so to control the ipDoamin. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Ex1200t Firmware
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
5.0%
CVE-2022-28945 CRITICAL POC Act Now

An issue in Webbank WeCube v3.2.2 allows attackers to execute a directory traversal via a crafted ZIP file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Path Traversal Webcube
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
2.0%
CVE-2022-30490 CRITICAL POC Act Now

Badminton Center Management System V1.0 is vulnerable to SQL Injection via parameter 'id' in /bcms/admin/court_rentals/update_status.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi PHP Badminton Center Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
1.3%
CVE-2022-29704 CRITICAL POC Act Now

BrowsBox CMS v4.0 was discovered to contain a SQL injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Brows Box
NVD VulDB
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-32019 CRITICAL POC Act Now

Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via car-rental-management-system/admin/ajax.php?action=save_car. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE File Upload Car Rental Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
2.4%
CVE-2022-32020 CRITICAL POC Act Now

Car Rental Management System v1.0 is vulnerable to Arbitrary code execution via ip/car-rental-management-system/admin/ajax.php?action=save_settings. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE Car Rental Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.9%
CVE-2022-31993 CRITICAL POC Act Now

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/classes/Master.php?f=delete_service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31991 CRITICAL POC Act Now

Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/classes/Master.php?f=delete_court. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31990 CRITICAL POC Act Now

Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/classes/Master.php?f=delete_product. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31989 CRITICAL POC Act Now

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=user/manage_user&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31978 CRITICAL POC Act Now

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_inquiry. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Fire Reporting System
NVD GitHub
CVSS 3.1
9.8
EPSS
7.2%
CVE-2022-31977 CRITICAL POC Act Now

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_team. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Fire Reporting System
NVD GitHub
CVSS 3.1
9.8
EPSS
7.2%
CVE-2022-31976 CRITICAL POC Act Now

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/classes/Master.php?f=delete_request. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Fire Reporting System
NVD GitHub
CVSS 3.1
9.8
EPSS
7.2%
CVE-2022-31969 CRITICAL POC Act Now

ChatBot App with Suggestion v1.0 is vulnerable to SQL Injection via /simple_chat_bot/admin/?page=user/manage_user&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Chatbot App With Suggestion
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31965 CRITICAL POC Act Now

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/respondent_types/manage_respondent_type.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Rescue Dispatch Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31964 CRITICAL POC Act Now

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via rdms/admin/respondent_types/view_respondent_type.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Rescue Dispatch Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31962 CRITICAL POC Act Now

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidents/view_incident.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Rescue Dispatch Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31961 CRITICAL POC Act Now

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidents/manage_incident.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Rescue Dispatch Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31959 CRITICAL POC Act Now

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/teams/manage_team.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Rescue Dispatch Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31957 CRITICAL POC Act Now

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via rdms/admin/teams/view_team.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Rescue Dispatch Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31956 CRITICAL POC Act Now

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incident_reports/manage_report.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Rescue Dispatch Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31953 CRITICAL POC Act Now

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incident_reports/view_report.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Rescue Dispatch Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31952 CRITICAL POC Act Now

Rescue Dispatch Management System v1.0 is vulnerable to SQL injection via /rdms/classes/Master.php?f=delete_incident. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Rescue Dispatch Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31951 CRITICAL POC Act Now

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_respondent_type. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Rescue Dispatch Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31948 CRITICAL POC Act Now

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_report. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Rescue Dispatch Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31946 CRITICAL POC Act Now

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/classes/Master.php?f=delete_team. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Rescue Dispatch Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31354 CRITICAL POC Act Now

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=get_vehicle_service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Car Wash Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31353 CRITICAL POC Act Now

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/services/view_service.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Car Wash Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31352 CRITICAL POC Act Now

Online Car Wash Booking System v1.0 by oretnom23 has SQL injection in /ocwbs/admin/services/manage_service.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Car Wash Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31351 CRITICAL POC Act Now

Online Car Wash Booking System v1.0 by oretnom23 has SQL injection via /ocwbs/admin/services/manage_price.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Car Wash Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31350 CRITICAL POC Act Now

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/vehicles/manage_vehicle.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Car Wash Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31348 CRITICAL POC Act Now

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/bookings/update_status.php?id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Car Wash Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31347 CRITICAL POC Act Now

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=delete_vehicle. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Car Wash Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31346 CRITICAL POC Act Now

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=delete_service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Car Wash Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31345 CRITICAL POC Act Now

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/?page=user/manage_user&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Car Wash Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31344 CRITICAL POC Act Now

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/classes/Master.php?f=delete_booking. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Car Wash Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31343 CRITICAL POC Act Now

Online Car Wash Booking System v1.0 is vulnerable to SQL Injection via /ocwbs/admin/?page=bookings/view_details&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Car Wash Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31340 CRITICAL POC Act Now

Simple Inventory System v1.0 is vulnerable to SQL Injection via /inventory/table_edit_ajax.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple Inventory System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31338 CRITICAL POC Act Now

Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/user/index.php?view=edit&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Ordering System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31337 CRITICAL POC Act Now

Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/category/index.php?view=edit&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Ordering System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31336 CRITICAL POC Act Now

Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/stockin/loaddata.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Ordering System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31335 CRITICAL POC Act Now

Online Ordering System 2.3.2 is vulnerable to SQL Injection via /ordering/admin/stockin/index.php?view=edit&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Ordering System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31329 CRITICAL POC Act Now

Online Ordering System By janobe 2.3.2 is vulnerable to SQL Injection via /ordering/admin/orders/loaddata.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Ordering System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31328 CRITICAL POC Act Now

Online Ordering System By janobe 2.3.2 has SQL Injection via /ordering/admin/products/index.php?view=edit&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Ordering System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-31327 CRITICAL POC Act Now

Online Ordering System By janobe 2.3.2 is vulneranle to SQL Injection via /ordering/index.php?q=products&id=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Ordering System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-30817 CRITICAL POC Act Now

Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple Bus Ticket Booking System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-30816 CRITICAL POC Act Now

elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_sidebar.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Elite Cms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-30815 CRITICAL POC Act Now

elitecms 1.01 is vulnerable to SQL Injection via admin/edit_sidebar.php?page=2&sidebar=. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Elite Cms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-30814 CRITICAL POC Act Now

elitecms v1.01 is vulnerable to SQL Injection via /admin/add_sidebar.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Elite Cms
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
Page 1 of 6 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy