• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-94

CVE-2022-29221

February 23, 2023 by godfreyd94

Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious {block} name or {include} file name. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. There are currently no known workarounds.

CVE-2022-29115

February 23, 2023 by godfreyd94

Windows Fax Service Remote Code Execution Vulnerability.

CVE-2022-28960

February 23, 2023 by godfreyd94

A PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire.

CVE-2022-28096

February 23, 2023 by godfreyd94

Skycaiji v2.4 was discovered to contain a remote code execution (RCE) vulnerability via /SkycaijiApp/admin/controller/Develop.php.

CVE-2022-26198

February 23, 2023 by godfreyd94

Notable v1.8.4 does not filter text editing, allowing attackers to execute arbitrary code via a crafted payload injected into the Title text field.

CVE-2022-26205

February 23, 2023 by godfreyd94

Marky commit 3686565726c65756e was discovered to contain a remote code execution (RCE) vulnerability via the Display text fields. This vulnerability allows attackers to execute arbitrary code via injection of a crafted payload.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 208
  • Go to page 209
  • Go to page 210
  • Go to page 211
  • Go to page 212
  • Interim pages omitted …
  • Go to page 225
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE