Security
Headlines
HeadlinesLatestCVEs

Tag

#php

CVE-2022-38595: bug_report/SQLi-2.md at main · Estbonxby/bug_report

Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_user.php.

CVE
Open in Source
#sql#vulnerability#windows#php#auth#firefox
CVE-2022-38352: There is a new exploit chain for the deserialization vulnerability of thinkphp 6.0.13 · Issue #2749 · top-think/framework

ThinkPHP v6.0.13 was discovered to contain a deserialization vulnerability via the component League\Flysystem\Cached\Storage\Psr6Cache. This vulnerability allows attackers to execute arbitrary code via a crafted payload.

CVE-2022-38594: bug_report/SQLi-1.md at main · Estbonxby/bug_report

Church Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/edit_visitor.php.

CVE-2022-38323: bug_report/RCE-1.md at main · Gsir97/bug_report

Event Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /Royal_Event/update_image.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.

CVE-2018-25047: Release v4.2.1 · smarty-php/smarty

In Smarty before 3.1.47 and 4.x before 4.2.1, libs/plugins/function.mailto.php allows XSS. A web page that uses smarty_function_mailto, and that could be parameterized using GET or POST input parameters, could allow injection of JavaScript code by a user.

CVE-2022-35946: Filter allowed methods in plugin form controller · glpi-project/glpi@f542ec8

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In affected versions request input is not properly validated in the plugin controller and can be used to access low-level API of Plugin class. An attacker can, for instance, alter database data. Attacker must have "General setup" update rights to be able to perform this attack. Users are advised to upgrade to version 10.0.3. Users unable to upgrade should remove the `front/plugin.form.php` script.

WordPress WPGateway 3.5 Privilege Escalation

WordPress WPGateway plugin versions 3.5 and below suffer from an unauthenticated privilege escalation vulnerability.

CVE-2022-22520: VDE-2022-039 | CERT@VDE

A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2.

CVE-2022-36669: POC-DUMP/README.md at main · saitamang/POC-DUMP

Hospital Information System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

CVE-2022-37139: POC-DUMP/README.md at main · saitamang/POC-DUMP

Loan Management System version 1.0 suffers from a persistent cross site scripting vulnerability.