CVE-2022-30451
An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1.
Source: CVE-2022-30451
CVE-2022-30451
An authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1.
Source: CVE-2022-30451
CVE-2022-30449
Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in room.php.
Source: CVE-2022-30449
CVE-2022-30450
A Remote Code Execution (RCE) vulnerability exists in waimairen 9.1 via wx.php
Source: CVE-2022-30450
CVE-2022-30448
Hospital Management System in PHP with Source Code (HMS) 1.0 was discovered to contain a File upload vulnerability in treatmentrecord.php.
Source: CVE-2022-30448
CVE-2022-30047
Mingsoft MCMS v5.2.7 was discovered to contain a SQL injection vulnerability in /mdiy/dict/listExcludeApp URI via orderBy parameter.
Source: CVE-2022-30047
CVE-2022-30060
ftcms <=2.1 was discovered to be vulnerable to Arbitrary File Write via admin/controllers/tp.php
Source: CVE-2022-30060
CVE-2022-29846
In Progress Ipswitch WhatsUp Gold 16.1 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to obtain the WhatsUp Gold installation serial number.
Source: CVE-2022-29846
CVE-2022-30057
Shopwind <=v3.4.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability.
Source: CVE-2022-30057
CVE-2022-29848
In Progress Ipswitch WhatsUp Gold 17.0.0 through 21.1.1, and 22.0.0, it is possible for an authenticated user to invoke an API transaction that would allow them to read sensitive operating-system attributes from a host that is accessible by the WhatsUp Gold system.
Source: CVE-2022-29848
CVE-2022-29847
In Progress Ipswitch WhatsUp Gold 21.0.0 through 21.1.1, and 22.0.0, it is possible for an unauthenticated attacker to invoke an API transaction that would allow them to relay encrypted WhatsUp Gold user credentials to an arbitrary host.
Source: CVE-2022-29847