CVE-2022-25578
taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file.
Source: CVE-2022-25578
CVE-2022-25578
taocms v3.0.2 allows attackers to execute code injection via arbitrarily editing the .htaccess file.
Source: CVE-2022-25578
CVE-2022-26265
Contao Managed Edition v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the component php_cli parameter.
Source: CVE-2022-26265
CVE-2022-25581
Classcms v2.5 and below contains an arbitrary file upload via the component classclassupload. This vulnerability allows attackers to execute code injection via a crafted .txt file.
Source: CVE-2022-25581
CVE-2022-26266
Piwigo v12.2.0 was discovered to contain a SQL injection vulnerability via pwg.users.php.
Source: CVE-2022-26266
CVE-2022-25390
DCN Firewall DCME-520 was discovered to contain a remote command execution (RCE) vulnerability via the host parameter in the file /system/tool/ping.php.
Source: CVE-2022-25390
CVE-2022-25389
DCN Firewall DCME-520 was discovered to contain an arbitrary file download vulnerability via the path parameter in the file /audit/log/log_management.php.
Source: CVE-2022-25389
CVE-2022-27250
The UNISOC chipset through 2022-03-15 allows attackers to obtain remote control of a mobile phone, e.g., to obtain sensitive information from text messages or the device’s screen, record video of the device’s physical environment, or modify data.
Source: CVE-2022-27250
CVE-2022-25453
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the time parameter in the saveParentControlInfo function.
Source: CVE-2022-25453
CVE-2022-25439
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function.
Source: CVE-2022-25439
CVE-2022-25455
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the list parameter in the SetIpMacBind function.
Source: CVE-2022-25455