Skip to main content
CVE-2022-2650 CRITICAL POC PATCH Act Now

Improper Restriction of Excessive Authentication Attempts in GitHub repository wger-project/wger prior to 2.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Wger
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-4088 CRITICAL POC Act Now

A vulnerability was found in rickxy Stock Management System and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Stock Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-4136 CRITICAL POC PATCH Act Now

Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure PHP Leadshop
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-4090 HIGH POC This Week

A vulnerability was found in rickxy Stock Management System and classified as problematic.php?action=add. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP CSRF Authentication Bypass Stock Management System
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.2%
CVE-2022-4089 MEDIUM POC This Month

A vulnerability was found in rickxy Stock Management System. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Stock Management System
NVD GitHub VulDB
CVSS 3.1
5.4
EPSS
0.4%
CVE-2022-26885 HIGH PATCH This Week

When using tasks to read config files, there is a risk of database password disclosure. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Dolphinscheduler
NVD
CVSS 3.1
7.5
EPSS
1.2%
CVE-2022-40977 HIGH This Week

A path traversal vulnerability was discovered in Pilz PASvisu Server before 1.12.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Pasvisu Pmi V507 Firmware Pmi V512 Firmware Pmi V704E Firmware +4
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2022-44748 HIGH This Week

A directory traversal vulnerability in the ZIP archive extraction routines of KNIME Server since 4.3.0 can result in arbitrary files being overwritten on the server's file system. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal RCE Knime Server
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-44749 HIGH This Week

A directory traversal vulnerability in the ZIP archive extraction routines of KNIME Analytics Platform 3.2.0 and above can result in arbitrary files being overwritten on the user's system. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. No vendor patch available.

Path Traversal RCE Knime Analytics Platform
NVD
CVSS 3.1
7.0
EPSS
0.4%
CVE-2022-40266 MEDIUM This Month

Improper Input Validation vulnerability in Mitsubishi Electric GOT2000 Series GT27 model FTP server versions 01.39.000 and prior, Mitsubishi Electric GOT2000 Series GT25 model FTP server versions. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Got2000 Gt27 Firmware Got2000 Gt25 Firmware Got2000 Gt23 Firmware
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-40976 MEDIUM This Month

A path traversal vulnerability was discovered in multiple Pilz products. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Path Traversal Pas 4000 Pascal Pasconnect Pasmotion +1
NVD
CVSS 3.1
5.5
EPSS
0.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy