Lucene search
K

20 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-52389

Malicious code in bioql PyPI...

7.2CVSS7AI score0.00953EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-52388

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01159EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 11:10 p.m.7 views

CVE-2022-30528

SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to execute arbitrary commands via the username parameter to /system/user/modules/modusers/controller.php...

9.8CVSS8.8AI score0.01159EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:49 p.m.9 views

CVE-2022-30529

File upload vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to upload arbitrary files via /system/application/libs/js/tinymce/plugins/filemanager/dialog.php and /system/application/libs/js/tinymce/plugins/filemanager/upload.php...

7.2CVSS7.1AI score0.00953EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:41 p.m.6 views

CVE-2022-28607

An issue was discovered in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to gain sensitive information via the action parameter to /system/user/modules/modusers/controller.php...

7.5CVSS6.7AI score0.00775EPSS
Exploits1References1
NVD
NVD
added 2022/12/01 1:15 p.m.17 views

CVE-2022-28607

An issue was discovered in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to gain sensitive information via the action parameter to /system/user/modules/modusers/controller.php...

7.5CVSS0.00775EPSS
Exploits1References1
NVD
NVD
added 2022/12/01 1:15 p.m.17 views

CVE-2022-30528

SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to execute arbitrary commands via the username parameter to /system/user/modules/modusers/controller.php...

9.8CVSS0.01159EPSS
Exploits1References2
OSV
OSV
added 2022/12/01 1:15 p.m.10 views

CVE-2022-30528

SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to execute arbitrary commands via the username parameter to /system/user/modules/modusers/controller.php...

9.8CVSS6.1AI score0.01159EPSS
Exploits1References2
OSV
OSV
added 2022/12/01 1:15 p.m.4 views

CVE-2022-28607

An issue was discovered in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to gain sensitive information via the action parameter to /system/user/modules/modusers/controller.php...

7.5CVSS5.8AI score0.00775EPSS
Exploits1References1
Prion
Prion
added 2022/12/01 1:15 p.m.14 views

Information disclosure

An issue was discovered in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to gain sensitive information via the action parameter to /system/user/modules/modusers/controller.php...

5CVSS7.5AI score0.00775EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/12/01 12:0 a.m.4 views

CVE-2022-30528

SQL Injection vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to execute arbitrary commands via the username parameter to /system/user/modules/modusers/controller.php...

10AI score0.01159EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/12/01 12:0 a.m.3 views

ISIC SQL注入漏洞

ISIC is a website backend by asith-eranga individual developer. A security vulnerability exists in ISIC tour booking that stems from the presence of SQL injection, which allows attackers to execute arbitrary commands via the username parameter in /system/user/modules/modusers/controller.php...

9.8CVSS9AI score0.01159EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/12/01 12:0 a.m.7 views

CVE-2022-28607

An issue was discovered in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to gain sensitive information via the action parameter to /system/user/modules/modusers/controller.php...

6.7AI score0.00775EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/12/01 12:0 a.m.5 views

PT-2022-19101 · Unknown · Asith-Eranga Isic Tour Booking

Name of the Vulnerable Software and Affected Versions: asith-eranga ISIC tour booking versions prior to the version published on Feb 13th 2018 Description: An issue in asith-eranga ISIC tour booking allows attackers to gain sensitive information via the action parameter to "/system/user/modules/m...

7.5CVSS6.6AI score0.00775EPSS
Exploits1References5
CVE
CVE
added 2022/12/01 12:0 a.m.55 views

CVE-2022-28607

CVE-2022-28607 concerns an information disclosure in the asith-eranga ISIC tour booking software. The issue arises in the endpoint "/system/user/modules/mod_users/controller.php" where an attacker can potentially obtain sensitive information through the action parameter. Affected software version...

7.5CVSS7.5AI score0.00775EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/11/22 1:15 a.m.2 views

CVE-2022-30529

File upload vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to upload arbitrary files via /system/application/libs/js/tinymce/plugins/filemanager/dialog.php and /system/application/libs/js/tinymce/plugins/filemanager/upload.php...

7.2CVSS5.9AI score0.00953EPSS
Exploits1References2
NVD
NVD
added 2022/11/22 1:15 a.m.21 views

CVE-2022-30529

File upload vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to upload arbitrary files via /system/application/libs/js/tinymce/plugins/filemanager/dialog.php and /system/application/libs/js/tinymce/plugins/filemanager/upload.php...

7.2CVSS0.00953EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/11/22 12:0 a.m.22 views

CVE-2022-30529

File upload vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to upload arbitrary files via /system/application/libs/js/tinymce/plugins/filemanager/dialog.php and /system/application/libs/js/tinymce/plugins/filemanager/upload.php...

7.2AI score0.00953EPSS
Exploits1References2
CVE
CVE
added 2022/11/22 12:0 a.m.50 views

CVE-2022-30529

CVE-2022-30529 corresponds to a file-upload vulnerability in the asith-eranga ISIC tour booking software (versions up to 2018-02-13). The issue allows uploading arbitrary files via two TinyMCE file manager endpoints: /system/application/libs/js/tinymce/plugins/filemanager/dialog.php and /system/a...

7.2CVSS7AI score0.00953EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2022/11/22 12:0 a.m.6 views

CVE-2022-30529

File upload vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to upload arbitrary files via /system/application/libs/js/tinymce/plugins/filemanager/dialog.php and /system/application/libs/js/tinymce/plugins/filemanager/upload.php...

7AI score0.00953EPSS
Exploits1References2
Rows per page
Query Builder