CVE-2021-43455

An Unquoted Service Path vulnerability exists in FreeLAN 2.2 via a specially crafted file in the FreeLAN Service path.

Source: CVE-2021-43455

CVE-2022-1026

Kyocera multifunction printers running vulnerable versions of Net View unintentionally expose sensitive user information, including usernames and passwords, through an insufficiently protected address book export function.

Source: CVE-2022-1026

CVE-2021-43454

An Unquoted Service Path vulnerability exists in AnyTXT Searcher 1.2.394 via a specially crafted file in the ATService path. .

Source: CVE-2021-43454

CVE-2021-43456

An Unquoted Service Path vulnerablility exists in Rumble Mail Server 0.51.3135 via via a specially crafted file in the RumbleService executable service path.

Source: CVE-2021-43456

CVE-2021-43457

An Unquoted Service Path vulnerability exists in bVPN 2.5.1 via a specially crafted file in the waselvpnserv service path.

Source: CVE-2021-43457

CVE-2021-43458

An Unquoted Service Path vulnerability exits in Vembu BDR 4.2.0.1 via a specially crafted file in the (1) hsflowd, (2) VembuBDR360Agent, or (3) VembuOffice365Agent service paths.

Source: CVE-2021-43458

CVE-2022-28062

Car Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component which allows attackers to upload a webshell and execute arbitrary code.

Source: CVE-2022-28062

CVE-2022-28063

Simple Bakery Shop Management System v1.0 contains a file disclosure via /bsms/?page=products.

Source: CVE-2022-28063

CVE-2022-27436

A cross-site scripting (XSS) vulnerability in /public/admin/index.php?add_user at Ecommerce-Website v1.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username text field.

Source: CVE-2022-27436

CVE-2022-27435

An unrestricted file upload at /public/admin/index.php?add_product of Ecommerce-Website v1.1.0 allows attackers to upload a webshell via the Product Image component.

Source: CVE-2022-27435