Skip to main content
CVE-2022-2650 CRITICAL POC PATCH Act Now

Improper Restriction of Excessive Authentication Attempts in GitHub repository wger-project/wger prior to 2.2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Wger
NVD GitHub
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-4088 CRITICAL POC Act Now

A vulnerability was found in rickxy Stock Management System and classified as critical. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Stock Management System
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-4136 CRITICAL POC PATCH Act Now

Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure PHP Leadshop
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy