CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-30349

siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting (XSS).……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30352

phpABook 0.9i is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data in the auth_user parameter in index.php script.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30423

Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30425

Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST requ ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30470

In Afian Filerun 20220202 Changing the search_tika_path variable to a custom (and previously uploaded) jar file results in remote code execution in the context of the webserver user.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30478

Ecommerce-project-with-php-and-mysqli-Fruits-Bazar 1.0 is vulnerable to SQL Injection in \search_product.php via the keyword parameters.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30481

Food-order-and-table-reservation-system- 1.0 is vulnerable to SQL Injection in categorywise-menu.php via the catid parameters.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30482

Ecommerce-project-with-php-and-mysqli-Fruits-Bazar- 1.0 is vulnerable to Cross Site Scripting (XSS) in \admin\add_cata.php via the ctg_name parameters.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30490

Badminton Center Management System V1.0 is vulnerable to SQL Injection via parameter 'id' in /bcms/admin/court_rentals/update_status.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30496

SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise's private and sens ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30503

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number at src/njs_value.h.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30506

An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30510

School Dormitory Management System 1.0 is vulnerable to SQL Injection via reports/daily_collection_report.php:59.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30511

School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/view_details.php:4.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30512

School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/payment_history.php:31.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30513

School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:125……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30514

School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:126.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30521

The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1_FW107b09.bin and previous versions. The function created a ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30540

The affected product is vulnerable to a heap-based buffer overflow via uninitialized pointer, which may allow an attacker to execute arbitrary code……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：6 | 回复：0
CVE-2022-30794

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductetails.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：6 | 回复：0
CVE-2022-30795

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/editproductimage.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：6 | 回复：0
CVE-2022-30797

Online Ordering System 1.0 by oretnom23 is vulnerable to SQL Injection via admin/vieworders.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：6 | 回复：0
CVE-2022-30798

Online Ordering System v1.0 by oretnom23 is vulnerable to SQL Injection via admin/viewreport.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：6 | 回复：0
CVE-2022-30799

Online Ordering System v1.0 by oretnom23 has SQL injection via store/orderpage.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：8 | 回复：0
CVE-2022-30804

elitecms v1.01 is vulnerable to Delete any file via /admin/delete_image.php?file=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：8 | 回复：0
CVE-2022-30808

elitecms 1.0.1 is vulnerable to Arbitrary code execution via admin/manage_uploads.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：8 | 回复：0
CVE-2022-30809

elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_page.php?page=.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：8 | 回复：0
CVE-2022-30810

elitecms v1.01 is vulnerable to SQL Injection via admin/edit_post.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：8 | 回复：0
CVE-2022-30813

elitecms 1.01 is vulnerable to SQL Injection via /admin/add_post.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：8 | 回复：0
CVE-2022-30814

elitecms v1.01 is vulnerable to SQL Injection via /admin/add_sidebar.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：8 | 回复：0
CVE-2022-30815

elitecms 1.01 is vulnerable to SQL Injection via admin/edit_sidebar.php?page=2sidebar=……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：8 | 回复：0
CVE-2022-30816

elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_sidebar.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：7 | 回复：0
CVE-2022-30817

Simple Bus Ticket Booking System 1.0 is vulnerable to SQL Injection via /SimpleBusTicket/index.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：8 | 回复：0
CVE-2022-30818

Wedding Management System v1.0 is vulnerable to SQL injection via /Wedding-Management/admin/blog_events_edit.php?id=31.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：8 | 回复：0
CVE-2022-30819

In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of photos_edit.php file.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：9 | 回复：0
CVE-2022-30820

In Wedding Management v1.0, there is an arbitrary file upload vulnerability in the picture upload point of users_edit.php file.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：8 | 回复：0
CVE-2022-30821

In Wedding Management System v1.0, the editing function of the Services module in the background management system has an arbitrary file upload vulnerability in the picture upload point of package_edi ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：9 | 回复：0
CVE-2022-30822

In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of users_profile.php file.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：9 | 回复：0
CVE-2022-30823

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\blog_events_edit.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：9 | 回复：0
CVE-2022-30825

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\client_edit.php.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:02 | 阅读：9 | 回复：0