110902 matches found
ROOT-OS-UBUNTU-2404-CVE-2022-50240 CVE-2022-50240 in rootio-linux - Patched by Root
Root has patched CVE-2022-50240 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2022-50090 CVE-2022-50090 in rootio-linux - Patched by Root
Root has patched CVE-2022-50090 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2022-50551 CVE-2022-50551 in rootio-linux - Patched by Root
Root has patched CVE-2022-50551 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2022-2961 CVE-2022-2961 in rootio-linux - Patched by Root
Root has patched CVE-2022-2961 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2022-4543 CVE-2022-4543 in rootio-linux - Patched by Root
Root has patched CVE-2022-4543 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2022-50380 CVE-2022-50380 in rootio-linux - Patched by Root
Root has patched CVE-2022-50380 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
ROOT-OS-UBUNTU-2404-CVE-2022-50232 CVE-2022-50232 in rootio-linux - Patched by Root
Root has patched CVE-2022-50232 in the rootio-linux package for Root:Ubuntu:24.04. Multiple fixed versions available...
CVE-2022-26383
creationtimestamp| type| source ---|---|--- 2026-07-17 05:00:09+00:00| seen| https://t.me/EchelonEyes/38 2026-07-18 00:00:34+00:00| seen| https://t.me/EchelonEyes/38...
WAVLINK WN535 G3 - Improper Access Control
WAVLINK WN535 G3 M35G3R.V5030.180927 is susceptible to improper access control. A vulnerability in /cgi-bin/ExportAllSettings.sh allows an attacker to execute arbitrary code via a crafted POST request and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized...
Omnia MPX 1.5.0+r1 - Local File Inclusion
Telos Alliance Omnia MPX Node through 1.5.0+r1 is vulnerable to local file inclusion via logs/downloadMainLog. By retrieving userDB.json allows an attacker to retrieve cleartext credentials and escalate privileges via the control panel. id: CVE-2022-36642 info: name: Omnia MPX 1.5.0+r1 - Local Fi...
Microweber <1.2.12 - Stored Cross-Site Scripting
Microweber prior to 1.2.12 contains a stored cross-site scripting vulnerability. It allows unrestricted upload of XML files,. id: CVE-2022-0963 info: name: Microweber 1.2.12 - Stored Cross-Site Scripting author: amit-jd severity: medium description: | Microweber prior to 1.2.12 contains a stored...
Diary Management System 1.0 - Cross-Site Scripting
Diary Management System 1.0 contains a cross-site scripting vulnerability via the Name parameter in search-result.php. id: CVE-2022-29004 info: name: Diary Management System 1.0 - Cross-Site Scripting author: TenBird severity: medium description: | Diary Management System 1.0 contains a cross-sit...
Roxy-WI - Remote Code Execution
Roxy-WI before 6.1.1.0 is susceptible to remote code execution. System commands can be run remotely via the delcert parameter without proper input validation in the /app/options.py file, allowing attackers to inject arbitrary OS commands. id: CVE-2022-31161 info: name: Roxy-WI - Remote Code...
Helmet Store Showroom v1.0 - SQL Injection
There is SQL Injection vulnerability at Helmet Store Showroom v1.0 Login Page. This vulnerability can be exploited to bypass admin access. id: CVE-2022-46071 info: name: Helmet Store Showroom v1.0 - SQL Injection author: Harsh severity: critical description: | There is SQL Injection vulnerability...
WBCE CMS v1.5.4 - Cross Site Scripting (Stored)
A cross-site scripting XSS vulnerability in /admin/settings/save.php of WBCE CMS v1.5.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Website Footer field. id: CVE-2022-45038 info: name: WBCE CMS v1.5.4 - Cross Site Scripting Stored author:...
WordPress Ad Inserter <2.7.10 - Cross-Site Scripting
WordPress Ad Inserter plugin before 2.7.10 contains a cross-site scripting vulnerability. It does not sanitize and escape the htmlelementselection parameter before outputting it back in the page. id: CVE-2022-0288 info: name: WordPress Ad Inserter 2.7.10 - Cross-Site Scripting author: DhiyaneshDK...
NexusPHP <1.7.33 - Cross-Site Scripting
NexusPHP before 1.7.33 contains multiple cross-site scripting vulnerabilities via the secret parameter in /login.php; q parameter in /user-ban-log.php; query parameter in /log.php; text parameter in /moresmiles.php; q parameter in myhr.php; or id parameter in /viewrequests.php. An attacker can...
PrestaShop - SQL Injection to Eval Injection
PrestaShop versions from 1.6.0.10 and before 1.7.8.7 contain an SQL injection caused by unsanitized user input, letting attackers chain the vulnerability to call PHP's Eval function, exploit requires attacker to send malicious input. id: CVE-2022-31181 info: name: PrestaShop - SQL Injection to Ev...
Open edX <2022-06-06 - Cross-Site Scripting
Open edX before 2022-06-06 contains a reflected cross-site scripting vulnerability via the 'next' parameter in the logout URL. id: CVE-2022-32195 info: name: Open edX 2022-06-06 - Cross-Site Scripting author: arafatansari severity: medium description: | Open edX before 2022-06-06 contains a...
MCMS 5.2.4 - SQL Injection
MCMS 5.2.4 contains a SQL injection vulnerability via search.do in the file /mdiy/dict/listExcludeApp. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2022-25125 info: name: MCMS...