School Dormitory Management System v1.0 is vulnerable to reflected cross-site scripting (XSS) via admin/inc/navigation.php:125 Date published : 2022-05-27 https://github.com/bigzooooz/CVE-2022-30513 https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html
School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/payment_history.php:31. Date published : 2022-05-27 https://github.com/bigzooooz/CVE-2022-30512 https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html
School Dormitory Management System 1.0 is vulnerable to SQL Injection via accounts/view_details.php:4. Date published : 2022-05-27 https://github.com/bigzooooz/CVE-2022-30511 https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html
School Dormitory Management System 1.0 is vulnerable to SQL Injection via reports/daily_collection_report.php:59. Date published : 2022-05-27 https://github.com/bigzooooz/CVE-2022-30510 https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html
An arbitrary file upload vulnerability was discovered in MCMS 5.2.7, allowing an attacker to execute arbitrary code through a crafted ZIP file. Date published : 2022-05-27 https://gitee.com/mingSoft/MCMS/issues/I56AID
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number at src/njs_value.h. Date published : 2022-05-27 https://github.com/nginx/njs/commit/5c6130a2a0b4c41ab415f6b8992aa323636338b9 https://github.com/nginx/njs/issues/478
SQL injection in Logon Page of IDCE MV’s application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise’s private and sensitive information. Date...
Tenda Technology Co.,Ltd HG6 3.3.0-210926 was discovered to contain a command injection vulnerability via the pingAddr and traceAddr parameters. This vulnerability is exploited via a crafted POST request. Date published : 2022-05-27 https://www.tendacn.com/ https://www.tendacn.com/product/HG6.html
Merchandise Online Store v1.0 by oretnom23 has an arbitrary code execution (RCE) vulnerability in the user profile upload point in the system information. Date published : 2022-05-27 https://github.com/ffYYy6x0y1/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/RCE-1.md
phpABook 0.9i is vulnerable to SQL Injection due to insufficient sanitization of user-supplied data in the "auth_user" parameter in index.php script. Date published : 2022-05-27 https://www.cybersecurity-help.cz/vulnerabilities/54518/ https://www.exploit-db.com/exploits/50071
siteserver SSCMS 6.15.51 is vulnerable to Cross Site Scripting (XSS). Date published : 2022-05-27 https://github.com/siteserver/cms/issues/3238
HashiCorp Nomad and Nomad Enterprise version 0.2.0 up to 1.3.0 were impacted by go-getter vulnerabilities enabling privilege escalation through the artifact stanza in submitted jobs onto the client agent host. Fixed in 1.1.14, 1.2.8,...
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_prototype_sort at src/njs_array.c. Date published : 2022-05-27 https://github.com/nginx/njs/commit/8b39afdad9a0761e0a5d4af1a762bd9a6daef572 https://github.com/nginx/njs/issues/486
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c. Date published : 2022-05-27 https://github.com/nginx/njs/commit/2e00e95473861846aa8538be87db07699d9f676d https://github.com/nginx/njs/issues/485