• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-23387
2022-03-09
N/A
7.5 HIGH
An issue was discovered in taocms 3.0.2. This is a SQL blind injection that can obtain database data through the Comment Update field.
CVE-2022-23384
2022-02-19
N/A
8.8 HIGH
YzmCMS v6.3 is affected by Cross Site Request Forgery (CSRF) in /admin.add
CVE-2022-23383
2022-03-15
N/A
9.1 CRITICAL
YzmCMS v6.3 is affected by broken access control. Without login, unauthorized access to the user's personal home page can be realized. It is necessary to judge the user's login status before accessing the personal home page, but the vulnerability can access other users' home pages through the non login status because real authentication is not carried out.
CVE-2022-23380
2022-03-08
N/A
8.8 HIGH
There is a SQL injection vulnerability in the background of taocms 3.0.2 in parameter id:action=admin&id=2&ctrl=edit.
CVE-2022-2338
2022-08-19
N/A
5.3 MEDIUM
Softing Secure Integration Server V1.22 is vulnerable to authentication bypass via a machine-in-the-middle attack. The default the administration interface is accessible via plaintext HTTP protocol, facilitating the attack. The HTTP request may contain the session cookie in the request, which may be captured for use in authenticating to the server.
CVE-2022-23379
2022-02-09
N/A
9.8 CRITICAL
Emlog v6.0 was discovered to contain a SQL injection vulnerability via the $TagID parameter of getblogidsfromtagid().
CVE-2022-23378
2022-02-11
N/A
5.4 MEDIUM
A Cross-Site Scripting (XSS) vulnerability exists within the 3.2.2 version of TastyIgniter. The "items%5B0%5D%5Bpath%5D" parameter of a request made to /admin/allergens/edit/1 is vulnerable.
CVE-2022-23377
2022-03-08
N/A
7.5 HIGH
Archeevo below 5.0 is affected by local file inclusion through file=~/web.config to allow an attacker to retrieve local files.
CVE-2022-23376
2022-03-01
N/A
6.1 MEDIUM
WikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on different pages.
CVE-2022-23375
2022-03-01
N/A
8.8 HIGH
WikiDocs version 0.1.18 has an authenticated remote code execution vulnerability. An attacker can upload a malicious file using the image upload form through index.php.
« Previous 1 … 10,593 10,594 10,595 10,596 10,597 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE