Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-01-28
High
Med.
High
Med.
2022-01-27
High
Med.
Med.
Low
Med.
Med.
Low
Low
Low

The latest CVEs

2022-01-28
CVE-2021-34073
A Cross Site Scripting (XSS) vulnerabilty exists in Sourcecodester Gadget Works Online Ordering System in PHP/MySQLi 1.0 via the Category parameter in an add function in category/index.php.
CVE-2021-45897
SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows remote code execution.
CVE-2021-45898
SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows local file inclusion.
CVE-2021-45899
SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows PHAR deserialization that can lead to remote code execution.
CVE-2022-22294
A SQL injection vulnerability exists in ZFAKA<=1.43 which an attacker can use to complete SQL injection in the foreground and add a background administrator account.
CVE-2021-44249
Online Motorcycle (Bike) Rental System 1.0 is vulnerable to a Blind Time-Based SQL Injection attack within the login portal. This can lead attackers to remotely dump MySQL database credentials.
CVE-2021-45435
An SQL Injection vulnerability exists in Sourcecodester Simple Cold Storage Management System using PHP/OOP 1.0 via the username field in login.php.
CVE-2020-25905
An SQL Injection vulnerabilty exists in Sourcecodester Mobile Shop System in PHP MySQL 1.0 via the email parameter in (1) login.php or (2) LoginAsAdmin.php.
CVE-2022-23096
An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read.
CVE-2022-23097
An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.

Dorks

2022-01-26
Med.
Quiz Maker 6.2 - Sensitive Data Exposure (Authenticated User Credentials)
inurl:/wp-content/plugins/quiz-maker
Gh05t666nero
Med.
Creative Websoft - Sql Injection Vulnerability
"Website Desined By: Creative Websoft"
behrouz mansoori
2022-01-24
Med.
LDaRosa Xpath Injection Vulnerability
"By LDaRosa"
behrouz mansoori
2022-01-20
Med.
North Wing Limited - Sql Injection Vulnerability
"Developers: North Wing Limited"
behrouz mansoori
Med.
S.S. Technologies - Sql Injection Vulnerability
"Powered By S.S. Technologies" inurl:id="
behrouz mansoori

Copyright 2022, cxsecurity.com

 

Back to Top