| CVE ID | Description | CVSS 3.0 | CVE MITRE | NVD |
|---|---|---|---|---|
| CVE-2024-37486 | Paid Memberships Pro Plugin <= 3.0.5 Authenticated SQL Injection vulnerability | 7.6 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-37486 | https://nvd.nist.gov/vuln/detail/CVE-2024-37486 |
| CVE-2024-6265 | UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress <= 1.2.10 - Unauthenticated SQL Injection via 'uwp_sort_by' | 9.8 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-6265 | https://nvd.nist.gov/vuln/detail/CVE-2024-6265 |
| CVE-2024-35736 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Visualizer.This issue affects Visualizer: from n/a through 3.11.1. | 8.5 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35736 | https://nvd.nist.gov/vuln/detail/CVE-2024-35736 |
| CVE-2022-24264 | SQL injection vulnerability in /administrator/components/table_manager/ via the search_word parameter | 7.5 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24264 | https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24264 |
| CVE-2022-24265 | SQL injection vulnerability in /administrator/components/menu/ via the path=component/menu/&menu_filter=3 parameter. | 7.5 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24265 | https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24265 |
| CVE-2022-24266 | SQL injection vulnerability in /administrator/components/table_manager/ via the order_by parameter. | 7.5 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24266 | https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24266 |
| CVE-2022-23872 | Emlog pro v1.1.1 stored cross-site scripting (XSS) in /admin/configure.php via the parameter footer_info. | 4.8 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23872 | https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23872 |
| CVE-2022-22868 | Gibbon CMS v22.0.01 Stored XSS via name parameters. | 4.8 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22868 | https://nvd.nist.gov/vuln/detail/CVE-2022-22868 |
| CVE-2022-23357 | mozilo2.0 was discovered to be vulnerable to directory traversal attacks via the parameter curent_dir. | 9.1 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23357 | https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23357 |
| CVE-2022-23871 | Multiple cross-site scripting (XSS) vulnerabilities in the component outcomes_addProcess.php of Gibbon CMS v22.0.01 allow attackers to execute arbitrary web scripts or HTML via a crafted payload insterted into the name, category, description parameters. | 5.4 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23871 | https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23871 |
| CVE-2022-23873 | Victor CMS v1.0 was discovered to contain a SQL injection vulnerability that allows attackers to inject arbitrary commands via 'user_firstname' parameter. | 8.8 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23873 | https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-23873 |
| CVE-2022-24263 | SQL injection vulnerability in /Hospital-Management-System-master/func.php via the email parameter | 9.8 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24263 | https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-24263 |
| CVE-2022-24563 | Genixcms v1.1.11, a stored Cross-Site Scripting (XSS) | 5.4 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24563 | https://nvd.nist.gov/vuln/detail/CVE-2022-24563 |
| CVE-2022-26201 | Victor CMS v1.0 SQL Injection | 9.8 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26201 | https://nvd.nist.gov/vuln/detail/CVE-2022-26201 |
-
Notifications
You must be signed in to change notification settings - Fork 0
truonghuuphuc/CVE
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
All of my found cves
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published