Security Vulnerabilities - CVEs Published In April 2022
Employee Performance Evaluation v1.0 was discovered to contain a SQL injection vulnerability via the email parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-04-05
Insurance Management System 1.0 was discovered to contain a SQL injection vulnerability via the username parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-04-05
Student Grading System v1.0 was discovered to contain a SQL injection vulnerability via the user parameter.
CVSS Score
9.8
EPSS Score
0.004
Published
2022-04-05
Online Sports Complex Booking v1.0 was discovered to contain a SQL injection vulnerability via the id parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-04-05
Online Banking System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-04-05
Online Student Admission v1.0 was discovered to contain a SQL injection vulnerability via the txtapplicationID parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-04-05
Payroll Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter.
CVSS Score
9.8
EPSS Score
0.006
Published
2022-04-05
In 0.9.3 or older versions of Apache Pinot segment upload path allowed segment directories to be imported into pinot tables. In pinot installations that allow open access to the controller a specially crafted request can potentially be exploited to cause disruption in pinot service. Pinot release 0.10.0 fixes this. See https://docs.pinot.apache.org/basics/releases/0.10.0
CVSS Score
7.5
EPSS Score
0.037
Published
2022-04-05
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVSS Score
8.3
EPSS Score
0.016
Published
2022-04-05
Microsoft Edge (Chromium-based) Spoofing Vulnerability
CVSS Score
4.3
EPSS Score
0.066
Published
2022-04-05