Lucene search

943 matches found

OSV
added 2022/11/01 7:0 p.m. | 16 views

GHSA-9MF2-HPJ4-RW3R TablePress Plugin vulnerable to Cross-site Scripting

A cross-site scripting vulnerability was found in an unknown function of the component Table Import Handler. The manipulation of the argument Import data leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used...

4.8 CVSS | 5.3 AI score
Exploits: 0 | References: 5

Cvelist
added 2022/11/01 12:0 a.m. | 13 views

CVE-2022-3813 Axiomatic Bento4 mp4edit memory leak

A vulnerability classified as problematic has been found in Axiomatic Bento4. This affects an unknown part of the component mp4edit. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated...

4.3 CVSS | 6.7 AI score | 0.00347 EPSS
Exploits: 0 | References: 3

CVE
added 2022/11/01 12:0 a.m. | 56 views

CVE-2022-3815

CVE-2022-3815 affects the Axiomatic Bento4 library, specifically the mp4decrypt component. The vulnerability is described as a memory leak resulting from some unknown processing, with remote initiation possible and the exploit disclosed publicly (VDB-212681). Several feeds (NVD, OSV, UBUNTU, RH) ...

6.5 CVSS | 5.5 AI score | 0.00312 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

Prion
added 2022/10/31 9:15 p.m. | 21 views

Heap overflow

A vulnerability classified as critical was found in Axiomatic Bento4 5e7bb34. Affected by this vulnerability is the function AP4Mp4AudioDsiParser::ReadBits of the file Ap4Mp4AudioInfo.cpp of the component mp4hls. The manipulation leads to heap-based buffer overflow. The attack can be launched...

4.4 CVSS | 7.8 AI score | 0.00389 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

UbuntuCve
added 2022/10/26 7:15 p.m. | 25 views

CVE-2022-3666

A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function AP4LinearReader::Advance of the file Ap4LinearReader.cpp of the component mp42ts. The manipulation leads to use after free. The attack may be launched remotely. The exploi...

7.8 CVSS | 6.5 AI score | 0.00362 EPSS
Exploits: 1 | References: 1

Prion
added 2022/10/26 7:15 p.m. | 10 views

Heap overflow

A vulnerability was found in Axiomatic Bento4. It has been classified as critical. Affected is the function WriteSample of the component mp42hevc. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and m...

4.4 CVSS | 7.7 AI score | 0.00373 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

Prion
added 2022/10/17 12:15 p.m. | 18 views

Cross site scripting

A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /csms/admin/?page=systeminfo of the component Setting Handler. The manipulation of the argument System Name/System Short Name lead...

4.3 CVSS | 4.9 AI score | 0.00647 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

Prion
added 2022/10/07 6:15 a.m. | 13 views

Sql injection

A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been classified as critical. Affected is an unknown function of the file /Admin/login.php of the component POST Parameter Handler. The manipulation of the argument txtusername leads to sql injection. It is...

7.5 CVSS | 9.7 AI score | 0.00243 EPSS
Exploits: 1 | References: 2

Prion
added 2022/08/25 6:15 a.m. | 19 views

Sql injection

A vulnerability classified as critical was found in SourceCodester Simple and Nice Shopping Cart Script. Affected by this vulnerability is an unknown functionality of the file /mkshop/Men/profile.php. The manipulation of the argument memid leads to sql injection. The attack can be launched...

7.5 CVSS | 9.8 AI score | 0.00229 EPSS
Exploits: 1 | References: 2

NVD
added 2022/08/17 7:15 p.m. | 11 views

CVE-2022-2870

A vulnerability was found in laravel 5.1 and classified as problematic. This issue affects some unknown processing. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206501 was assigned...

9.8 CVSS | 0.00382 EPSS
Exploits: 1 | References: 2

NVD
added 2022/08/15 11:21 a.m. | 6 views

CVE-2022-2812

A vulnerability classified as critical was found in SourceCodester Guest Management System. This vulnerability affects unknown code of the file index.php. The manipulation of the argument username/pass leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to...

9.8 CVSS | 0.00223 EPSS
Exploits: 1 | References: 2

Prion
added 2022/08/12 8:15 p.m. | 12 views

Design/Logic Flaw

A vulnerability was found in SourceCodester Zoo Management System. It has been classified as critical. Affected is an unknown function of the file /pages/applyvacancy.php. The manipulation of the argument filename leads to unrestricted upload. It is possible to launch the attack remotely. The...

7.5 CVSS | 9.5 AI score | 0.00421 EPSS
Exploits: 1 | References: 2

NVD
added 2022/08/11 12:15 p.m. | 5 views

CVE-2022-2769

A vulnerability, which was classified as problematic, has been found in SourceCodester Company Website CMS. This issue affects some unknown processing of the file /dashboard/contact. The manipulation of the argument phone leads to cross site scripting. The attack may be initiated remotely. The...

5.4 CVSS | 0.00323 EPSS
Exploits: 0 | References: 2

Prion
added 2022/08/11 5:15 a.m. | 17 views

Out-of-bounds

A vulnerability was found in SourceCodester Gym Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /mygym/admin/index.php?viewexercises. The manipulation leads to unrestricted upload. The attack can be launched remotely. The...

6.5 CVSS | 8.7 AI score | 0.00323 EPSS
Exploits: 1 | References: 2

CVE
added 2022/08/08 12:25 p.m. | 43 views

CVE-2022-2700

CVE-2022-2700 affects SourceCodester Gym Management System, via the GET Parameter Handler’s day parameter. The vulnerability allows remote SQL injection, with the exploit publicly disclosed. Impact is described as high (CVE data via NVD). Connected sources indicate no fix/version details are prov...

8.8 CVSS | 6.9 AI score | 0.00197 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

Prion
added 2022/08/06 6:15 p.m. | 14 views

Cross site scripting

A vulnerability classified as problematic was found in SourceCodester Wedding Hall Booking System. Affected by this vulnerability is an unknown functionality of the file /whbs/?page=mybookings of the component Booking Form. The manipulation of the argument Remarks leads to cross site scripting. T...

4.9 CVSS | 5.3 AI score | 0.00224 EPSS
Exploits: 1 | References: 2

NVD
added 2022/08/05 9:15 p.m. | 9 views

CVE-2022-2678

A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System. It has been declared as critical. This vulnerability affects unknown code of the file adminfeature.php of the component Background Management Page. The manipulation leads to unrestricted upload. The attack can be...

8.8 CVSS | 0.00421 EPSS
Exploits: 1 | References: 2

NVD
added 2022/08/05 9:15 p.m. | 13 views

CVE-2022-2677

A vulnerability was found in SourceCodester Apartment Visitor Management System 1.0. It has been classified as critical. This affects an unknown part of the file index.php. The manipulation of the argument username with the input ' AND SELECT 4955 FROM SELECTSLEEP5RSzF AND 'htiy'='htiy leads to s...

9.8 CVSS | 0.0031 EPSS
Exploits: 1 | References: 2

Prion
added 2022/08/05 9:15 p.m. | 17 views

Out-of-bounds

A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System. It has been declared as critical. This vulnerability affects unknown code of the file adminfeature.php of the component Background Management Page. The manipulation leads to unrestricted upload. The attack can be...

6.5 CVSS | 8.8 AI score | 0.00421 EPSS
Exploits: 1 | References: 2

NVD
added 2022/08/05 12:15 p.m. | 10 views

CVE-2022-2673

A vulnerability was found in Rigatur Online Booking and Hotel Management System aff6409. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php of the component POST Request Handler. The manipulation of the argument email/pass leads to s...

8.8 CVSS | 0.0031 EPSS
Exploits: 0 | References: 1