CVE-2022-22339

IBM Planning Analytics 2.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 219736.

Source: CVE-2022-22339

CVE-2022-27148

GPAC mp4box 1.1.0-DEV-rev1663-g881c6a94a-master is vulnerable to Integer Overflow.

Source: CVE-2022-27148

CVE-2022-27046

libsixel 1.8.6 suffers from a Heap Use After Free vulnerability in in libsixel/src/dither.c:388.

Source: CVE-2022-27046

CVE-2022-27044

libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876.

Source: CVE-2022-27044

CVE-2021-41715

libsixel 1.10.0 is vulnerable to Use after free in libsixel/src/dither.c:379.

Source: CVE-2021-41715

CVE-2021-46367

RiteCMS version 3.1.0 and below suffers from a remote code execution vulnerability in the admin panel. An authenticated attacker can upload a PHP file and bypass the .htacess configuration to deny execution of .php files in media and files directory by default.

Source: CVE-2021-46367

CVE-2022-24229

A cross-site scripting (XSS) vulnerability in ONLYOFFICE Document Server Example before v7.0.0 allows remote attackers inject arbitrary HTML or JavaScript through /example/editor.

Source: CVE-2022-24229

CVE-2021-46437

An issue was discovered in ZZCMS 2021. There is a cross-site scripting (XSS) vulnerability in ad_manage.php.

Source: CVE-2021-46437

CVE-2021-46436

An issue was discovered in ZZCMS 2021. There is a SQL injection vulnerability in ad_manage.php.

Source: CVE-2021-46436

CVE-2022-28002

Movie Seat Reservation v1 was discovered to contain an unauthenticated file disclosure vulnerability via /index.php?page=home.

Source: CVE-2022-28002