ReportizFlow
Filtered by vendor
Subscriptions
Total
4028 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-41406 | 1 Church Management System Project | 1 Church Management System | 2025-05-20 | 7.2 High |
| An arbitrary file upload vulnerability in the /admin/admin_pic.php component of Church Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file. | ||||
| CVE-2022-40341 | 1 Mojoportal | 1 Mojoportal | 2025-05-20 | 8.8 High |
| mojoPortal v2.7 was discovered to contain an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted PNG file. | ||||
| CVE-2022-41385 | 1 Democritus | 1 D8s-html | 2025-05-20 | 9.8 Critical |
| The d8s-html package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0. | ||||
| CVE-2022-41384 | 1 Democritus | 1 D8s-domains | 2025-05-20 | 9.8 Critical |
| The d8s-domains package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0. | ||||
| CVE-2022-41383 | 1 Democritus | 1 D8s-archives | 2025-05-20 | 9.8 Critical |
| The d8s-archives package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | ||||
| CVE-2022-42037 | 1 Democritus | 1 D8s-asns | 2025-05-20 | 9.8 Critical |
| The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0. | ||||
| CVE-2022-42034 | 1 Wedding Planner Project | 1 Wedding Planner | 2025-05-20 | 8.8 High |
| Wedding Planner v1.0 is vulnerable to arbitrary code execution via users_profile.php. | ||||
| CVE-2022-41387 | 1 Democritus | 1 D8s-pdfs | 2025-05-20 | 9.8 Critical |
| The d8s-pdfs package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0. | ||||
| CVE-2022-41386 | 1 Democritus | 1 D8s-utility | 2025-05-20 | 9.8 Critical |
| The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-urls package. The affected version is 0.1.0. | ||||
| CVE-2022-41382 | 1 Democritus | 1 D8s-json | 2025-05-20 | 9.8 Critical |
| The d8s-json package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | ||||
| CVE-2022-41381 | 1 Democritus | 1 D8s-utility | 2025-05-20 | 9.8 Critical |
| The d8s-utility package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | ||||
| CVE-2022-41380 | 1 Democritus | 1 D8s-yaml | 2025-05-20 | 9.8 Critical |
| The d8s-yaml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-file-system package. The affected version is 0.1.0. | ||||
| CVE-2022-29623 | 1 Connect-multiparty Project | 1 Connect-multiparty | 2025-05-20 | 7.8 High |
| An arbitrary file upload vulnerability in the file upload module of Express Connect-Multiparty 2.2.0 allows attackers to execute arbitrary code via a crafted PDF file. NOTE: the Supplier has not verified this vulnerability report. | ||||
| CVE-2022-42229 | 1 Wedding Planner Project | 1 Wedding Planner | 2025-05-20 | 8.8 High |
| Wedding Planner v1.0 is vulnerable to Arbitrary code execution via package_edit.php. | ||||
| CVE-2022-42044 | 1 Democritus | 1 D8s-asns | 2025-05-20 | 9.8 Critical |
| The d8s-asns package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0. | ||||
| CVE-2022-42043 | 1 Democritus | 1 D8s-xml | 2025-05-20 | 9.8 Critical |
| The d8s-xml package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-html package. The affected version is 0.1.0. | ||||
| CVE-2022-42040 | 1 Democritus | 1 D8s-algorithms | 2025-05-20 | 9.8 Critical |
| The d8s-algorithms package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-dicts package. The affected version is 0.1.0. | ||||
| CVE-2022-42039 | 1 Democritus | 1 D8s-lists | 2025-05-20 | 9.8 Critical |
| The d8s-lists package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-dicts package. The affected version is 0.1.0. | ||||
| CVE-2022-42038 | 1 Democritus | 1 D8s-ip-addresses | 2025-05-20 | 9.8 Critical |
| The d8s-ip-addresses package for Python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-csv package. The affected version is 0.1.0. | ||||
| CVE-2024-42180 | 1 Hcltech | 1 Dryice Myxalytics | 2025-05-16 | 1.6 Low |
| HCL MyXalytics is affected by a malicious file upload vulnerability. The application accepts invalid file uploads, including incorrect content types, double extensions, null bytes, and special characters, allowing attackers to upload and execute malicious files. | ||||