Skip to main content
CVE-2022-44399 CRITICAL POC Act Now

Poultry Farm Management System v1.0 contains a SQL injection vulnerability via the del parameter at /Redcock-Farm/farm/category.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Poultry Farm Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.8%
CVE-2022-44401 CRITICAL POC Act Now

Online Tours & Travels Management System v1.0 contains an arbitrary file upload vulnerability via /tour/admin/file.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Online Tours Travels Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-44400 CRITICAL POC Act Now

Purchase Order Management System v1.0 contains a file upload vulnerability via /purchase_order/admin/?page=system_info. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

File Upload Purchase Order Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-44283 CRITICAL POC Act Now

AVS Audio Converter 10.3 is vulnerable to Buffer Overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Buffer Overflow Avs Audio Converter
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-3603 CRITICAL POC Act Now

The Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list WordPress plugin before 2.0.69 does not validate data when outputting it back in a CSV file, which could. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection WordPress Export Customers List Csv For Woocommerce
NVD WPScan
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-36193 CRITICAL POC Act Now

SQL injection in School Management System 1.0 allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi School Management System
NVD GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2022-41912 CRITICAL PATCH Act Now

The crewjam/saml go library prior to version 0.4.9 is vulnerable to an authentication bypass when processing SAML responses containing multiple Assertion elements. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Saml
NVD GitHub
CVSS 3.1
9.8
EPSS
2.2%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy