CVE-2026-2222 code-projects Online Reviewer System btn_functions.php cross site scripting

A weakness has been identified in code-projects Online Reviewer System 1.0. Affected by this vulnerability is an unknown functionality of the file /system/system/admins/manage/users/btnfunctions.php. Executing a manipulation of the argument firstname can lead to cross site scripting. The attack m...

CVE-2019-2222

n ihevcdparseslicedata of ihevcdparseslice.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8...

Exploit for CVE-2025-11534

Raisecomm RAX701-GC-WP-01 SSH Authentication Bypass Exploit C...

Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2025-2222)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2007-0653

Malware in sbrugna...

EUVD-2018-10118

Malware in sbrugna...

CVE-2024-2222

The Advanced Classifieds & Directory Pro plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ajaxcallbackdeleteattachment function in all versions up to, and including, 3.0.0. This makes it possible for authenticated attackers, with subscriber...

CVE-2025-2222

CWE-552: Files or Directories Accessible to External Parties vulnerability over https exists that could leak information and potential privilege escalation following man in the middle attack...

CVE-2025-2222

CWE-552: Files or Directories Accessible to External Parties vulnerability over https exists that could leak information and potential privilege escalation following man in the middle attack...

CVE-2025-2222

creationtimestamp| type| source ---|---|--- 2025-04-09 10:47:58+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11041 2025-04-09 14:15:53+00:00| seen| https://t.me/cvedetector/22552 2025-04-17 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-107-03...

CVE-2025-2222

CWE-552: Files or Directories Accessible to External Parties vulnerability over https exists that could leak information and potential privilege escalation following man in the middle attack...

CVE-2025-2222

CWE-552: Files or Directories Accessible to External Parties vulnerability over https exists that could leak information and potential privilege escalation following man in the middle attack...

CVE-2025-2222

The CVE-2025-2222 entry relates to Schneider Electric ConneXium Network Manager. Affected component: the ConneXium Network Manager software; vulnerability arises from an externally accessible file or directory over HTTPS, enabling information disclosure and potential privilege escalation via a ma...

Linux Distros Unpatched Vulnerability : CVE-2023-2222

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: This was deemed not a security vulnerability by upstream. CVE-2023-2222 Note that Nessus relies on the presence of the package as reported by t...

GHSA-6Q4M-8CMC-2222 vulnerabilities

Vulnerabilities for packages: firefox...

CVE-2024-2222

The Advanced Classifieds & Directory Pro plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ajaxcallbackdeleteattachment function in all versions up to, and including, 3.0.0. This makes it possible for authenticated attackers, with subscriber...

CVE-2024-2222

CVE-2024-2222 (Advanced Classifieds & Directory Pro for WordPress) : Vulnerability due to a missing capability check in ajax_callback_delete_attachment across all versions up to 3.0.0. This allows authenticated users with subscriber+ access to delete arbitrary media uploads, i.e., unauthorized da...

CVE-2024-2222 Advanced Classifieds & Directory Pro <= 3.0.0 - Missing Authorization to Arbitrary Attachment Deletion

The Advanced Classifieds & Directory Pro plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ajaxcallbackdeleteattachment function in all versions up to, and including, 3.0.0. This makes it possible for authenticated attackers, with subscriber...

WordPress Advanced Classifieds & Directory Pro Plugin <= 3.0.0 is vulnerable to Broken Access Control

Software Advanced Classifieds & Directory Pro Type Plugin Vulnerable versions = 3.0.0 Fixed in 3.1.2 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-2222 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 0df0ba101fff Credits Lucio Sá...

CVE-2019-2222

creationtimestamp| type| source ---|---|--- 2024-03-09 07:36:29+00:00| seen| https://t.me/ctinow/203796...