Show filters
570 Total Results
Displaying 131-140 of 570
Sort by:
Attacker Value
Unknown

CVE-2022-1595

Disclosure Date: June 13, 2022 (last updated February 23, 2025)
The HC Custom WP-Admin URL WordPress plugin through 1.4 leaks the secret login URL when sending a specific crafted request
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-1594

Disclosure Date: June 13, 2022 (last updated February 23, 2025)
The HC Custom WP-Admin URL WordPress plugin through 1.4 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack, allowing them to change the login URL
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2019-25065

Disclosure Date: June 09, 2022 (last updated February 23, 2025)
A vulnerability was found in OpenNetAdmin 18.1.1. It has been rated as critical. Affected by this issue is some unknown functionality. The manipulation leads to privilege escalation. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-31994

Disclosure Date: June 02, 2022 (last updated February 23, 2025)
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=sales/view_details&id.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-31993

Disclosure Date: June 02, 2022 (last updated February 23, 2025)
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/classes/Master.php?f=delete_service.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-31992

Disclosure Date: June 02, 2022 (last updated February 23, 2025)
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=court_rentals/view_court_rental&id=.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-31991

Disclosure Date: June 02, 2022 (last updated February 23, 2025)
Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/classes/Master.php?f=delete_court.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-31990

Disclosure Date: June 02, 2022 (last updated February 23, 2025)
Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/classes/Master.php?f=delete_product.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-31989

Disclosure Date: June 02, 2022 (last updated February 23, 2025)
Badminton Center Management System v1.0 is vulnerable to SQL Injection via /bcms/admin/?page=user/manage_user&id=.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-31988

Disclosure Date: June 02, 2022 (last updated February 23, 2025)
Badminton Center Management System v1.0 is vulnerable to SQL Injection via bcms/admin/?page=reports/daily_services_report&date=.
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
View More Topics  < Previous  Next >