• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-434

CVE-2022-40432

February 23, 2023 by godfreyd94

The d8s-strings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-hypothesis package. The affected version is 0.1.0.

CVE-2022-4047

February 23, 2023 by godfreyd94

The Return Refund and Exchange For WooCommerce WordPress plugin before 4.0.9 does not validate attachment files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files such as PHP and lead to RCE

CVE-2022-40471

February 23, 2023 by godfreyd94

Remote Code Execution in Clinic’s Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php

CVE-2022-40341

February 23, 2023 by godfreyd94

mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file.

CVE-2022-40217

February 23, 2023 by godfreyd94

Authenticated (admin+) Arbitrary File Edit/Upload vulnerability in XplodedThemes WPide plugin <= 2.6 at WordPress.

CVE-2022-40200

February 23, 2023 by godfreyd94

Auth. (subscriber+) Arbitrary File Upload vulnerability in wpForo Forum plugin <= 2.0.9 on WordPress.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 173
  • Go to page 174
  • Go to page 175
  • Go to page 176
  • Go to page 177
  • Interim pages omitted …
  • Go to page 224
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE