Headline
CVE-2022-23872: GitHub - truonghuuphuc/CVE: All of my found cves
Emlog pro v1.1.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the component /admin/configure.php via the parameter footer_info.
CVE-2022-24264 SQL injection vulnerability in /administrator/components/table_manager/ via the search_word parameter 7.5 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24264 https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24264 CVE-2022-24265 SQL injection vulnerability in /administrator/components/menu/ via the path=component/menu/&menu_filter=3 parameter. 7.5 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24265 https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24265 CVE-2022-24266 SQL injection vulnerability in /administrator/components/table_manager/ via the order_by parameter. 7.5 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24266 https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24266 CVE-2022-23872 Emlog pro v1.1.1 stored cross-site scripting (XSS) in /admin/configure.php via the parameter footer_info. 4.8 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23872 https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23872 CVE-2022-22868 Gibbon CMS v22.0.01 Stored XSS via name parameters. 4.8 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22868 https://nvd.nist.gov/vuln/detail/CVE-2022-22868 CVE-2022-23357 mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter curent_dir. 9.1 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23357 https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23357 CVE-2022-23871 Multiple cross-site scripting (XSS) vulnerabilities in the component outcomes_addProcess.php of Gibbon CMS v22.0.01 allow attackers to execute arbitrary web scripts or HTML via a crafted payload insterted into the name, category, description parameters. 5.4 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23871 https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23871 CVE-2022-23873 Victor CMS v1.0 was discovered to contain a SQL injection vulnerability that allows attackers to inject arbitrary commands via ‘user_firstname’ parameter. 8.8 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23873 https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23873 CVE-2022-24263 SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter 9.8 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24263 https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24263 CVE-2022-24563 Genixcms v1.1.11, a stored Cross-Site Scripting (XSS) 5.4 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24563 https://nvd.nist.gov/vuln/detail/CVE-2022-24563 CVE-2022-26201 Victor CMS v1.0 SQL Injection 9.8 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26201 https://nvd.nist.gov/vuln/detail/CVE-2022-26201
Related news
mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter curent_dir.
Hospital Management System v4.0 was discovered to contain a SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter.