Common Vulnerabilities and Exposures (CVE)

CVE-2022-44291

Jul 5, 2026 00:09:05 UTC

webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in phasesets.php.

CVE-2022-44290

Jul 5, 2026 00:09:01 UTC

webTareas 2.4p5 was discovered to contain a SQL injection vulnerability via the id parameter in deleteapprovalstages.php.

CVE-2022-31877

Jul 5, 2026 00:08:57 UTC

An issue in the component MSI.TerminalServer.exe of MSI Center v1.0.41.0 allows attackers to escalate privileges via a crafted TCP packet.

CVE-2022-45210

Jul 5, 2026 00:08:53 UTC

Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/deleteRecycleBin.

CVE-2022-45208

Jul 5, 2026 00:08:48 UTC

Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/user/putRecycleBin.

CVE-2022-45207

Jul 5, 2026 00:08:44 UTC

Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component updateNullByEmptyString.

CVE-2022-45206

Jul 5, 2026 00:08:40 UTC

Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/duplicate/check.

CVE-2022-45205

Jul 5, 2026 00:08:36 UTC

Jeecg-boot v3.4.3 was discovered to contain a SQL injection vulnerability via the component /sys/dict/queryTableData.

CVE-2022-37721

Jul 5, 2026 00:08:32 UTC

PyroCMS 3.9 is vulnerable to a stored Cross Site Scripting (XSS_ when a low privileged user such as an author, injects a crafted html and javascript payload in a blog post, leading to full admin account takeover or privilege escalation.

CVE-2022-35500

Jul 5, 2026 00:08:24 UTC

Amasty Blog 2.10.3 is vulnerable to Cross Site Scripting (XSS) via leave comment functionality.

CVE-2022-35501

Jul 5, 2026 00:08:20 UTC

Stored Cross-site Scripting (XSS) exists in the Amasty Blog Pro 2.10.3 and 2.10.4 plugin for Magento 2 because of the duplicate post function.

CVE-2022-37774

Jul 5, 2026 00:08:16 UTC

There is a broken access control vulnerability in the Maarch RM 2.8.3 solution. When accessing some specific document (pdf, email) from an archive, a preview is proposed by the application. This preview generates a URL including an md5 hash...

CVE-2022-37773

Jul 5, 2026 00:08:12 UTC

An authenticated SQL Injection vulnerability in the statistics page (/statistics/retrieve) of Maarch RM 2.8, via the filter parameter, allows the complete disclosure of all databases.

CVE-2022-37772

Jul 5, 2026 00:08:08 UTC

Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts due to excessive verbose responses from the application. An unauthenticated remote attacker could potentially exploit this vulnerability, leading...

CVE-2022-44194

Jul 5, 2026 00:08:04 UTC

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters apmode_dns1_pri and apmode_dns1_sec.