Skip to main content
CVE-2022-4606 CRITICAL POC PATCH THREAT Act Now

PHP Remote File Inclusion in GitHub repository flatpressblog/flatpress prior to 1.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

LFI Information Disclosure PHP Flatpress
NVD GitHub
CVSS 3.1
9.8
EPSS
35.4%
CVE-2022-4607 CRITICAL PATCH Act Now

A vulnerability was found in 3D City Database OGC Web Feature Service up to 5.2.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Ogc Web Feature Service
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-4594 CRITICAL PATCH Act Now

A vulnerability was found in drogatkin TJWS2. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

Path Traversal Tjws2
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.6%
CVE-2022-4592 CRITICAL PATCH Act Now

A vulnerability was found in luckyshot CRMx and classified as critical.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP SQLi Crmx
NVD GitHub VulDB
CVSS 3.1
9.8
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy