Skip to main content
CVE-2022-44354 CRITICAL POC Act Now

SolarView Compact 4.0 and 5.0 is vulnerable to Unrestricted File Upload via a crafted php file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP File Upload Solarview Compact Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
2.1%
CVE-2022-44038 CRITICAL POC Act Now

Russound XSourcePlayer 777D v06.08.03 was discovered to contain a remote code execution vulnerability via the scriptRunner.cgi component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Xsourceplayer 777D Firmware
NVD
CVSS 3.1
9.8
EPSS
1.6%
CVE-2022-3751 CRITICAL PATCH Act Now

SQL Injection in GitHub repository owncast/owncast prior to 0.0.13. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Owncast
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-42109 CRITICAL Act Now

Online-shopping-system-advanced 1.0 was discovered to contain a SQL injection vulnerability via the p parameter at /shopping/product.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Online Shopping System Advanced
NVD GitHub
CVSS 3.1
9.8
EPSS
1.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy