Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2022-30810: bug_report/SQLi-2.md at main · k0xx11/bug_report

elitecms v1.01 is vulnerable to SQL Injection via admin/edit_post.php.

CVE
Open in Source
#sql#vulnerability#windows#php#firefox
CVE-2022-30813: bug_report/SQLi-3.md at main · k0xx11/bug_report

elitecms 1.01 is vulnerable to SQL Injection via /admin/add_post.php.

CVE-2022-30809: bug_report/SQLi-1.md at main · k0xx11/bug_report

elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_page.php?page=.

CVE-2022-30815: bug_report/SQLi-4.md at main · k0xx11/bug_report

elitecms 1.01 is vulnerable to SQL Injection via admin/edit_sidebar.php?page=2&sidebar=

CVE-2022-30819: bug_report/RCE-3.md at main · k0xx11/bug_report

In Wedding Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of "photos_edit.php" file.

CVE-2022-30818: bug_report/SQLi-10.md at main · k0xx11/bug_report

Wedding Management System v1.0 is vulnerable to SQL injection via /Wedding-Management/admin/blog_events_edit.php?id=31.

CVE-2022-30826: bug_report/SQLi-3.md at main · k0xx11/bug_report

Wedding Management System v1.0 is vulnerable to SQL Injection via admin\client_assign.php.

CVE-2022-30828: bug_report/SQLi-6.md at main · k0xx11/bug_report

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\photos_edit.php.

CVE-2022-30827: bug_report/SQLi-4.md at main · k0xx11/bug_report

Wedding Management System v1.0 is vulnerable to SQL Injection via \admin\package_edit.php.

CVE-2022-30470: FileRun - Selfhosted File Manager with Sharing and Backup for Photos, Docs & More

In Afian Filerun 20220202 Changing the "search_tika_path" variable to a custom (and previously uploaded) jar file results in remote code execution in the context of the webserver user.