Skip to main content
CVE-2022-36267 CRITICAL POC THREAT Act Now

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Command Injection Airspot 5410 Firmware
NVD GitHub Exploit-DB
CVSS 3.1
9.8
EPSS
53.8%
CVE-2022-2713 CRITICAL POC PATCH Act Now

Insufficient Session Expiration in GitHub repository cockpit-hq/cockpit prior to 2.2.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Cockpit
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-2460 CRITICAL POC Act Now

The WPDating WordPress plugin before 7.4.0 does not properly escape user input before concatenating it to certain SQL queries, leading to multiple SQL injection vulnerabilities exploitable by. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi Wpdating
NVD WPScan
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-2269 CRITICAL POC Act Now

The Website File Changes Monitor WordPress plugin before 1.8.3 does not sanitise and escape user input before using it in a SQL statement via an action available to users with the manage_options. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress SQLi Website File Changes Monitor
NVD WPScan
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-2707 CRITICAL POC Act Now

A vulnerability classified as critical was found in SourceCodester Online Class and Exam Scheduling System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Class And Exam Scheduling System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-2706 CRITICAL POC Act Now

A vulnerability classified as critical has been found in SourceCodester Online Class and Exam Scheduling System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Online Class And Exam Scheduling System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-2705 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Simple Student Information System. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple Student Information System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-2698 CRITICAL POC Act Now

A vulnerability was found in SourceCodester Simple E-Learning System. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Simple E Learning System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-36264 CRITICAL POC Act Now

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Airspot 5410 Firmware
NVD GitHub
CVSS 3.1
9.1
EPSS
1.2%
CVE-2022-35490 CRITICAL Act Now

Zammad 5.2.0 is vulnerable to privilege escalation. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Privilege Escalation Zammad
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-2708 CRITICAL Act Now

A vulnerability, which was classified as critical, was found in SourceCodester Gym Management System. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Gym Management System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy