Skip to main content
CVE-2022-44291 CRITICAL POC Act Now

webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Webtareas
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
3.7%
CVE-2022-44290 CRITICAL POC Act Now

webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Webtareas
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
3.7%
CVE-2022-44945 CRITICAL POC Act Now

Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the heading_field_id parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Rukovoditel
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-3520 CRITICAL POC PATCH Act Now

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Heap Overflow Buffer Overflow Vim
NVD GitHub
CVSS 3.1
9.8
EPSS
1.0%
CVE-2022-44367 CRITICAL POC Act Now

Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow I21 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-44366 CRITICAL POC Act Now

Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setDiagnoseInfo. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow I21 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
9.9%
CVE-2022-44365 CRITICAL POC Act Now

Tenda i21 V1.0.0.14(4656) has a stack overflow vulnerability via /goform/setSysPwd. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow I21 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-44362 CRITICAL POC Act Now

Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/AddSysLogRule. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Tenda Buffer Overflow I21 Firmware
NVD GitHub
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-44930 CRITICAL POC Act Now

D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the System Checks function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dhp W310Av Firmware
NVD
CVSS 3.1
9.8
EPSS
2.5%
CVE-2022-44929 CRITICAL POC Act Now

An access control issue in D-Link DVG-G5402SP GE_1.03 allows unauthenticated attackers to escalate privileges via arbitrarily editing VoIP SIB profiles. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Privilege Escalation Dvg G5402Sp Firmware
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2022-44928 CRITICAL POC Act Now

D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the Maintenance function. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

D-Link Command Injection Dvg G5402Sp Firmware
NVD
CVSS 3.1
9.8
EPSS
2.7%
CVE-2022-43325 CRITICAL POC Act Now

An unauthenticated command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* - 1.4.* allows attackers to execute arbitrary commands via a. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Omnia Mpx Node Firmware
NVD
CVSS 3.1
9.8
EPSS
3.2%
CVE-2022-45562 HIGH POC This Week

Insecure permissions in Telos Alliance Omnia MPX Node v1.0.0 to v1.4.9 allow attackers to manipulate and access system settings with backdoor account low privilege, this can lead to change hardware. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Omnia Mpx Node Firmware
NVD
CVSS 3.1
8.8
EPSS
1.0%
CVE-2022-45672 HIGH POC This Week

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the formWx3AuthorizeSet function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow I22 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
9.1%
CVE-2022-45671 HIGH POC This Week

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the appData parameter in the formSetAppFilterRule function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow I22 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45670 HIGH POC This Week

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow I22 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45669 HIGH POC This Week

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterGet function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow I22 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45664 HIGH POC This Week

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow I22 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45663 HIGH POC This Week

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow I22 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45661 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45660 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45659 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45658 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedEndTime parameter in the setSchedWifi function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45657 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45656 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45655 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the timeZone parameter in the form_fast_setting_wifi_set function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45654 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45653 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45652 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the startIp parameter in the formSetPPTPServer function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45651 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the formSetVirtualSer function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45650 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the firewallEn parameter in the formSetFirewallCfg function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45649 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the endIp parameter in the formSetPPTPServer function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45648 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the devName parameter in the formSetDeviceName function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45647 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeed parameter in the formSetClientState function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45646 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeedUp parameter in the formSetClientState function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45645 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceMac parameter in the addWifiMacFilter function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45644 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45643 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the addWifiMacFilter function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-45641 HIGH POC This Week

Tenda AC6V1.0 V15.03.05.19 is vulnerable to Buffer Overflow via formSetMacFilterCfg. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda Buffer Overflow Ac6 Firmware
NVD GitHub
CVSS 3.1
7.5
EPSS
0.8%
CVE-2022-43272 HIGH POC PATCH This Week

DCMTK v3.6.7 was discovered to contain a memory leak via the T_ASC_Association object. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Information Disclosure Dcmtk
NVD GitHub
CVSS 3.1
7.5
EPSS
1.6%
CVE-2022-44348 HIGH POC This Week

Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/orders/update_status.php?id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Sanitization Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.7%
CVE-2022-44347 HIGH POC This Week

Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=inquiries/view_inquiry&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Sanitization Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.7%
CVE-2022-44345 HIGH POC This Week

Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=quotes/view_quote&id=. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Sanitization Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.7%
CVE-2022-44277 HIGH POC This Week

Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/classes/Master.php?f=delete_product. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Sanitization Management System
NVD GitHub
CVSS 3.1
7.2
EPSS
0.7%
CVE-2022-4215 MEDIUM POC PATCH This Month

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'date' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2.3 due to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS WordPress Chained Quiz
NVD VulDB GitHub
CVSS 3.1
6.1
EPSS
2.5%
CVE-2022-45668 MEDIUM POC This Month

Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda CSRF I22 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-45667 MEDIUM POC This Month

Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda CSRF I22 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-45674 MEDIUM POC This Month

Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda CSRF Ac6 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-45673 MEDIUM POC This Month

Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Tenda CSRF Ac6 Firmware
NVD GitHub
CVSS 3.1
6.5
EPSS
0.3%
CVE-2022-4208 MEDIUM POC PATCH This Month

The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'datef' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2 due to. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS WordPress Chained Quiz
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
2.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy