Linux Distros Unpatched Vulnerability : CVE-2018-25222

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds...

CVE-2018-25222

creationtimestamp| type| source ---|---|--- 2026-03-28 14:02:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mi4scxo5sc2s...

CVE-2018-25222

SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers can craft malicious input strings exceeding 1052 bytes to overwrite the instruction pointer and execute...

CVE-2026-25222

CVE-2026-25222 describes a timing-attack in PolarLearn’s sign-in flow for versions prior to 0-PRERELEASE-15. An unauthenticated attacker can infer whether an email is registered by measuring login response times: requests for existing users take ~650ms, while non-existent users are ~160ms, becaus...

CVE-2022-25222

Money Transfer Management System Version 1.0 allows an unauthenticated user to inject SQL queries in 'admin/maintenance/managebranch.php' and 'admin/maintenance/managefee.php' via the 'id' parameter...

CVE-2019-25222

creationtimestamp| type| source ---|---|--- 2025-03-15 06:46:41+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7672 2025-03-15 09:26:15+00:00| seen| https://t.me/cvedetector/20363 2025-03-15 11:01:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkfxwfi62s2s...

CVE-2019-25222 Thumbnail carousel slider <= 1.0.4 - Authenticated (Admin+) SQL Injection

The Thumbnail carousel slider plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2019-25222

CVE-2019-25222 affects the WordPress plugin Thumbnail carousel slider (versions

CVE-2019-25222 Thumbnail carousel slider <= 1.0.4 - Authenticated (Admin+) SQL Injection

The Thumbnail carousel slider plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

CVE-2025-25222

The LuxCal Web Calendar prior to 5.3.3M MySQL version and prior to 5.3.3L SQLite version contains an SQL injection vulnerability in retrieve.php. If this vulnerability is exploited, information in a database may be deleted, altered, or retrieved...

CVE-2025-25222

creationtimestamp| type| source ---|---|--- 2025-02-18 01:15:44+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lig3koajni2y 2025-02-18 03:37:46+00:00| seen| Telegram/EwrRrkWKvTm9MxT5vGBlnMJZyMzwBgTgvzEXvRQjJKzOSWw 2025-02-18 04:17:21+00:00| seen|...

CVE-2025-25222

The LuxCal Web Calendar prior to 5.3.3M MySQL version and prior to 5.3.3L SQLite version contains an SQL injection vulnerability in retrieve.php. If this vulnerability is exploited, information in a database may be deleted, altered, or retrieved...

CVE-2024-25222

Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the projectID parameter at /TaskManager/EditProject.php...

CVE-2024-25222

CVE-2024-25222 affects Task Manager App v1.0, with a SQL injection vulnerability in the /TaskManager/EditProject.php endpoint, exploitable via the projectID parameter. The CVSSv3.1 vector/metrics indicate a CRITICAL impact (CVSS 9.8; AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Connected sources confirm...

CVE-2024-25222

Task Manager App v1.0 was discovered to contain a SQL injection vulnerability via the projectID parameter at /TaskManager/EditProject.php...

CVE-2023-25222

creationtimestamp| type| source ---|---|--- 2023-03-01 18:33:34+00:00| seen| https://t.me/cibsecurity/59234...

CVE-2022-25222

creationtimestamp| type| source ---|---|--- 2022-03-23 23:29:00+00:00| seen| https://t.me/cibsecurity/39444...

CVE-2022-25222

Summary: CVE-2022-25222 affects Money Transfer Management System v1.0. An unauthenticated attacker can inject SQL via the id parameter in two admin pages (admin/maintenance/manage_branch.php and admin/maintenance/manage_fee.php). Root cause: Missing validation of external input used in SQL statem...

WordPress plugin GiveWP cross-site scripting vulnerability (CNVD-2022-25222)

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress plugin is a WordPress open source application plugin . A cross-site scripting vulnerability exists in WordPress...

CVE-2021-25222

CVE-2021-25222 is rejected/not used and does not represent an active vulnerability entry.