Skip to main content
CVE-2022-31994 HIGH POC This Week

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=sales/view_details&id. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-31992 HIGH POC This Week

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=court_rentals/view_court_rental&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-31988 HIGH POC This Week

Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/?page=reports/daily_services_report&date=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-31986 HIGH POC This Week

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=reports/daily_court_rental_report&date=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-31985 HIGH POC This Week

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=reports/daily_sales_report&date=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32006 HIGH POC This Week

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/services/view_service.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-32004 HIGH POC This Week

Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/products/manage_product.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-32003 HIGH POC This Week

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/courts/view_court.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-32001 HIGH POC This Week

Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/products/view_product.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-32000 HIGH POC This Week

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=service_transactions/manage_service_transaction&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-31998 HIGH POC This Week

Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=service_transactions/view_details&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-31996 HIGH POC This Week

Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/?page=sales/manage_sale&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Badminton Center Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-31984 HIGH POC This Week

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/requests/take_action.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Fire Reporting System
NVD GitHub
CVSS 3.1
7.2
EPSS
4.9%
CVE-2022-31983 HIGH POC This Week

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/manage_request&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Fire Reporting System
NVD GitHub
CVSS 3.1
7.2
EPSS
2.6%
CVE-2022-31982 HIGH POC This Week

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=requests/view_request&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Fire Reporting System
NVD GitHub
CVSS 3.1
7.2
EPSS
2.0%
CVE-2022-31981 HIGH POC This Week

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/view_team&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Fire Reporting System
NVD GitHub
CVSS 3.1
7.2
EPSS
2.0%
CVE-2022-31980 HIGH POC This Week

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=teams/manage_team&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Fire Reporting System
NVD GitHub
CVSS 3.1
7.2
EPSS
2.0%
CVE-2022-31975 HIGH POC This Week

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=user/manage_user&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Fire Reporting System
NVD GitHub
CVSS 3.1
7.2
EPSS
4.9%
CVE-2022-31974 HIGH POC This Week

Online Fire Reporting System v1.0 is vulnerable to SQL Injection via /ofrs/admin/?page=reports&date=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Online Fire Reporting System
NVD GitHub
CVSS 3.1
7.2
EPSS
4.9%
CVE-2022-31971 HIGH POC This Week

ChatBot App with Suggestion v1.0 is vulnerable to SQL Injection via /simple_chat_bot/admin/?page=responses/view_response&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Chatbot App With Suggestion
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-31970 HIGH POC This Week

ChatBot App with Suggestion v1.0 is vulnerable to SQL Injection via /simple_chat_bot/admin/?page=responses/manage_response&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Chatbot App With Suggestion
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-31339 HIGH POC This Week

Simple Inventory System v1.0 is vulnerable to SQL Injection via /inventory/login.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple Inventory System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-30836 HIGH POC This Week

Wedding Management System v1.0 is vulnerable to SQL Injection. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wedding Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-30835 HIGH POC This Week

Wedding Management System v1.0 is vulnerable to SQL Injection. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wedding Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-30834 HIGH POC This Week

Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_manage_account_details.php?booking_id=31&user_id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wedding Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-30833 HIGH POC This Week

Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_edit.php?booking=31&user_id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wedding Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-30832 HIGH POC This Week

Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/client_assign.php?booking=31&user_id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wedding Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-30831 HIGH POC This Week

Wedding Management System v1.0 is vulnerable to SQL Injection via Wedding-Management/wedding_details.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wedding Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-30830 HIGH POC This Week

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\feature_edit.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wedding Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-30829 HIGH POC This Week

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\users_edit.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wedding Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-30828 HIGH POC This Week

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\photos_edit.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wedding Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-30827 HIGH POC This Week

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\package_edit.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wedding Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-30826 HIGH POC This Week

Wedding Management System v1.0 is vulnerable to SQL Injection via admin\client_assign.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wedding Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-30825 HIGH POC This Week

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\client_edit.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wedding Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-30823 HIGH POC This Week

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\blog_events_edit.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wedding Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-30818 HIGH POC This Week

Wedding Management System v1.0 is vulnerable to SQL injection via /Wedding-Management/admin/blog_events_edit.php?id=31. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Wedding Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-30799 HIGH POC This Week

Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Ordering System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-30798 HIGH POC This Week

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Ordering System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-30795 HIGH POC This Week

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductimage.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Ordering System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.0%
CVE-2022-31463 HIGH POC This Week

Owl Labs Meeting Owl 5.2.0.15 does not require a password for Bluetooth commands, because only client-side authentication is used. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass Meeting Owl Pro Firmware
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2022-30238 HIGH This Week

A CWE-287: Improper Authentication vulnerability exists that could allow an attacker to take over the admin account when an attacker hijacks a session. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Wiser Smart Eer21000 Firmware Wiser Smart Eer21001 Firmware
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-30232 HIGH PATCH This Week

A CWE-20: Improper Input Validation vulnerability exists that could cause potential remote code execution when an attacker is able to intercept and modify a request on the same network or has. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Powerlogic Ion Setup Firmware
NVD
CVSS 3.1
8.8
EPSS
1.1%
CVE-2022-28799 HIGH This Week

The TikTok application before 23.7.3 for Android allows account takeover. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Tiktok
NVD GitHub
CVSS 3.1
8.8
EPSS
15.5%
CVE-2022-22767 HIGH This Week

Specific BD Pyxis™ products were installed with default credentials and may presently still operate with these credentials. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Pyxis Anesthesia Station Es Firmware Pyxis Ciisafe Firmware Pyxis Logistics Firmware Pyxis Medbank Firmware +12
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-1797 HIGH This Week

A malformed Class 3 common industrial protocol message with a cached connection can cause a denial-of-service condition in Rockwell Automation Logix Controllers, resulting in a major nonrecoverable. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Rockwell Compactlogix 5380 Firmware Compact Guardlogix 5380 Firmware Compactlogix 5480 Firmware +6
NVD
CVSS 3.1
8.6
EPSS
1.9%
CVE-2022-30236 HIGH This Week

A CWE-669: Incorrect Resource Transfer Between Spheres vulnerability exists that could allow unauthorized access when an attacker uses cross-domain attacks. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Wiser Smart Eer21000 Firmware Wiser Smart Eer21001 Firmware
NVD
CVSS 3.1
8.2
EPSS
0.7%
CVE-2022-26867 HIGH This Week

PowerStore SW v2.1.1.0 supports the option to export data to either a CSV or an XLSX file. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection Powerstoreos
NVD
CVSS 3.1
8.0
EPSS
0.6%
CVE-2022-26868 HIGH This Week

Dell EMC PowerStore versions 2.0.0.x, 2.0.1.x, and 2.1.0.x are vulnerable to a command injection flaw. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Command Injection Dell Powerstoreos
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-22557 HIGH This Week

PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x A locally authenticated attacker could potentially exploit this. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Powerstoreos
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-31782 HIGH This Week

ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Freetype Demo Programs
NVD
CVSS 3.1
7.8
EPSS
0.7%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy