CVE-2022-29739
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user/manage_user&id=.
Source: CVE-2022-29739
CVE-2022-29739
Money Transfer Management System 1.0 is vulnerable to SQL Injection via /mtms/admin/?page=user/manage_user&id=.
Source: CVE-2022-29739
CVE-2022-28920
Tieba-Cloud-Sign v4.9 was discovered to contain a cross-site scripting (XSS) vulnerability via the function strip_tags.
Source: CVE-2022-28920
CVE-2022-28919
HTMLCreator release_stable_2020-07-29 was discovered to contain a cross-site scripting (XSS) vulnerability via the function _generateFilename.
Source: CVE-2022-28919
CVE-2022-29306
IonizeCMS v1.0.8.1 was discovered to contain a SQL injection vulnerability via the id_page parameter in application/models/article_model.php.
Source: CVE-2022-29306
CVE-2022-29298
SolarView Compact ver.6.00 allows attackers to access sensitive files via directory traversal.
Source: CVE-2022-29298
CVE-2022-29999
Insurance Management System 1.0 is vulnerable to SQL Injection via /insurance/editClient.php?client_id=.
Source: CVE-2022-29999
CVE-2022-29980
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=user/manage_user&id=.
Source: CVE-2022-29980
CVE-2022-29979
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_designation.
Source: CVE-2022-29979
CVE-2022-30279
An issue was discovered in Stormshield Network Security (SNS) 4.3.x before 4.3.8. The event logging of the ASQ sofbus lacbus plugin triggers the dereferencing of a NULL pointer, leading to a crash of SNS. An attacker could exploit this vulnerability via forged sofbus lacbus traffic to cause a firmware crash.
Source: CVE-2022-30279
CVE-2022-29994
Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=facilities/manage_facility&id=.
Source: CVE-2022-29994