147 matches found
CVE-2026-2166
A security vulnerability has been detected in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /login/index.php of the component Login. The manipulation of the argument username/password leads to SQL injection. The attack is possible to be carried...
CVE-2026-2166 code-projects Online Reviewer System Login index.php SQL injection
A security vulnerability has been detected in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /login/index.php of the component Login. The manipulation of the argument username/password leads to SQL injection. The attack is possible to be carried...
CVE-2021-2166
creationtimestamp | type | source
---|---|---
2026-01-27 11:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...
MiracleLinux 7 : rh-mariadb105-mariadb (AXSA:2022-3124:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3124:01 advisory. mysql: Server: DML unspecified vulnerability CPU Apr 2021 CVE-2021-2154 mysql: Server: DML unspecified vulnerability CPU Apr 2021 CVE-2021-2166 mysq...
MiracleLinux 8 : mariadb:10.3, mariadb-10.3.32-2.module+el8+1407+4fb0bcc2 (AXSA:2022-3177:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3177:01 advisory. mysql: Server: DML unspecified vulnerability CPU Apr 2021 CVE-2021-2154 mysql: Server: DML unspecified vulnerability CPU Apr 2021 CVE-2021-2166 mysq...
EUVD-2026-2166
Concurrent execution using shared resource with improper synchronization 'race condition' in Windows SMB Server allows an authorized attacker to elevate privileges over a network...
PT-2026-2166
Name of the Vulnerable Software and Affected Versions wpDiscuz versions prior to 7.6.47 Description The software contains a stored cross-site scripting issue that permits authenticated attackers to inject malicious JavaScript. This is achieved by importing a specially crafted options file...
Linux Distros Unpatched Vulnerability : CVE-2021-2166
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 5.7.33 and prior and 8.0.23 and prior...
CVE-2019-2166
In libxaac there is a possible information disclosure due to uninitialized data. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-117661478...
CVE-2022-2166
creationtimestamp | type | source
---|---|---
2025-04-29 21:13:40+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/13934...
CVE-2025-2166
creationtimestamp | type | source
---|---|---
2025-03-14 04:53:30+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/7525
2025-03-14 08:20:51+00:00 | seen | https://t.me/cvedetector/20271...
CVE-2025-2166 CM FAQ – Simplify support with an intuitive FAQ management tool <= 1.2.5 - Reflected Cross-Site Scripting
The CM FAQ – Simplify support with an intuitive FAQ management tool plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of remove_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated...
CVE-2022-2166
Improper Restriction of Excessive Authentication Attempts in GitHub repository mastodon/mastodon prior to 4.0.0...
CVE-2024-2166
creationtimestamp | type | source
---|---|---
2024-09-05 01:18:32+00:00 | seen | https://t.me/cvedetector/4873...
CVE-2024-2166
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Forcepoint Email Security Real Time Monitor modules allows Reflected XSS. This issue affects Email Security: before 8.5.5 HF003...
CVE-2024-2166
CVE-2024-2166 affects Forcepoint Email Security (Real Time Monitor modules). Root cause: improper neutralization of input during web page generation, leading to a reflected cross-site scripting (XSS) vulnerability. Affected product version: Email Security prior to 8.5.5 HF003. CVSS details from N...
RHEL 8 : kernel (RHSA-2024:3528)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3528 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: NULL pointer dereference in...
RHEL 7 : mysql (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mysql: InnoDB unspecified vulnerability CPU Oct 2021 CVE-2021-35604 - mysql: openssl: POLY1305 MAC...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a...