Skip to main content
CVE-2022-32991 HIGH POC This Week

Web Based Quiz System v1.0 was discovered to contain a SQL injection vulnerability via the eid parameter at welcome.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Web Based Quiz System
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-32302 HIGH POC This Week

Theme Park Ticketing System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at edit_ticket.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Theme Park Ticketing System
NVD
CVSS 3.1
8.8
EPSS
0.9%
CVE-2022-32300 HIGH POC This Week

YoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the MailSendID parameter at /App/Lib/Action/Admin/MailAction.class.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Youdiancms
NVD
CVSS 3.1
8.8
EPSS
1.3%
CVE-2022-32299 HIGH POC This Week

YoudianCMS v9.5.0 was discovered to contain a SQL injection vulnerability via the id parameter at /App/Lib/Action/Admin/SiteAction.class.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Youdiancms
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-2086 HIGH POC THREAT This Week

A vulnerability, which was classified as critical, has been found in SourceCodester Bank Management System 1.0. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Bank Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
19.0%
CVE-2022-32372 HIGH POC This Week

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Advanced School Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32371 HIGH POC This Week

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_teacher.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Advanced School Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32370 HIGH POC This Week

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_classroom.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Advanced School Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32374 HIGH POC This Week

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_subject_routing.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Advanced School Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32373 HIGH POC This Week

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_exam.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Advanced School Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32368 HIGH POC This Week

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_grade.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Advanced School Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32433 HIGH POC This Week

itsourcecode Advanced School Management System v1.0 is vulnerable to Arbitrary code execution via ip/school/view/all_teacher.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP RCE File Upload Advanced School Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
1.3%
CVE-2022-32381 HIGH POC This Week

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_admin_profile.php?my_index=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Advanced School Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32380 HIGH POC This Week

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_student_subject.php?index=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Advanced School Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32379 HIGH POC This Week

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_parents_profile.php?my_index=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Advanced School Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32378 HIGH POC This Week

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_teacher_profile.php?my_index=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Advanced School Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32377 HIGH POC This Week

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_exam_timetable.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Advanced School Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32376 HIGH POC This Week

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_events.php?event_id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Advanced School Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32375 HIGH POC This Week

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via /school/model/get_timetable.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Advanced School Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-32992 HIGH POC This Week

Online Tours And Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the tname parameter at /admin/operations/tax.php. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Tours And Travels Management System
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2022-30165 HIGH PATCH This Week

Windows Kerberos Elevation of Privilege Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2016 +2
NVD
CVSS 3.1
8.8
EPSS
4.2%
CVE-2022-30161 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2022-30158 HIGH PATCH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Sharepoint Foundation Sharepoint Server
NVD
CVSS 3.1
8.8
EPSS
3.0%
CVE-2022-30157 HIGH PATCH This Week

Microsoft SharePoint Server Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Sharepoint Server
NVD
CVSS 3.1
8.8
EPSS
7.4%
CVE-2022-30153 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2022-29450 HIGH PATCH This Week

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Admin Management Xtended plugin <= 2.4.4 at WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

CSRF WordPress Admin Management Xtended
NVD GitHub
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-29437 HIGH This Week

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Image Slider by NextCode plugin <= 1.1.2 at WordPress. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF WordPress Image Slider By Nextcode
NVD
CVSS 3.1
8.8
EPSS
0.4%
CVE-2022-33140 HIGH PATCH This Week

The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Command Injection Apple Nifi Nifi Registry
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2022-30163 HIGH PATCH This Week

Windows Hyper-V Remote Code Execution Vulnerability. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable.

Race Condition RCE Microsoft Windows 10 Windows 11 +7
NVD
CVSS 3.1
8.5
EPSS
1.8%
CVE-2022-22021 HIGH PATCH This Week

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required.

Google RCE Microsoft Edge Chromium
NVD
CVSS 3.1
8.3
EPSS
2.8%
CVE-2022-30141 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

RCE Microsoft Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
8.1
EPSS
2.3%
CVE-2022-32156 HIGH This Week

In Splunk Enterprise and Universal Forwarder versions before 9.0, the Splunk command-line interface (CLI) did not validate TLS certificates while connecting to a remote Splunk platform instance by. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Splunk Information Disclosure Universal Forwarder
NVD
CVSS 3.1
8.1
EPSS
0.8%
CVE-2022-32154 HIGH This Week

Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Splunk Splunk Cloud Platform
NVD
CVSS 3.1
8.1
EPSS
1.3%
CVE-2022-32153 HIGH This Week

Splunk Enterprise peers in Splunk Enterprise versions before 9.0 and Splunk Cloud Platform versions before 8.2.2203 did not validate the TLS certificates during Splunk-to-Splunk communications by. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Splunk Information Disclosure Splunk Cloud Platform
NVD
CVSS 3.1
8.1
EPSS
0.9%
CVE-2022-30193 HIGH PATCH This Week

AV1 Video Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Av1 Video Extension
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-30188 HIGH PATCH This Week

HEVC Video Extensions Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Hevc Video Extensions
NVD
CVSS 3.1
7.8
EPSS
2.6%
CVE-2022-30180 HIGH PATCH This Week

Azure RTOS GUIX Studio Information Disclosure Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Azure Real Time Operating System Guix Studio
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-30179 HIGH PATCH This Week

Azure RTOS GUIX Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Azure Real Time Operating System Guix Studio
NVD
CVSS 3.1
7.8
EPSS
2.4%
CVE-2022-30178 HIGH PATCH This Week

Azure RTOS GUIX Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Azure Real Time Operating System Guix Studio
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-30177 HIGH PATCH This Week

Azure RTOS GUIX Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Azure Real Time Operating System Guix Studio
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-30174 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office Long Term Servicing Channel
NVD
CVSS 3.1
7.8
EPSS
3.1%
CVE-2022-30173 HIGH PATCH This Week

Microsoft Excel Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Excel Office Web Apps Server
NVD
CVSS 3.1
7.8
EPSS
2.2%
CVE-2022-30168 HIGH PATCH This Week

Microsoft Photos App Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft Photos
NVD
CVSS 3.1
7.8
EPSS
2.5%
CVE-2022-30167 HIGH PATCH This Week

AV1 Video Extension Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Av1 Video Extension
NVD
CVSS 3.1
7.8
EPSS
2.1%
CVE-2022-30166 HIGH PATCH This Week

Local Security Authority Subsystem Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 Windows 11 Windows 7 Windows 8 1 +6
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2022-30164 HIGH PATCH This Week

Kerberos AppContainer Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Authentication Bypass Windows 10 Windows 11 Windows 7 Windows 8 1 +6
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2022-30160 HIGH PATCH This Week

Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
6.3%
CVE-2022-30147 HIGH PATCH This Week

Windows Installer Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
4.5%
CVE-2022-30135 HIGH PATCH This Week

Windows Media Center Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 7 Windows 8 1 Windows Rt 8 1 +2
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-30132 HIGH PATCH This Week

Windows Container Manager Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2019 +1
NVD
CVSS 3.1
7.8
EPSS
0.7%
Page 1 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy