Security Vulnerabilities - CVEs Published In May 2022
The DFX module has a UAF vulnerability.Successful exploitation of this vulnerability may affect system stability.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-05-13
Authenticated (contributor or higher role) Cross-Site Scripting (XSS) vulnerability in Donations plugin <= 1.8 on WordPress.
CVSS Score
4.1
EPSS Score
0.002
Published
2022-05-13
mySCADA myPRO versions prior to 8.20.0 does not restrict unauthorized read access to sensitive directory listing information.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-05-13
mySCADA myPRO versions prior to 8.20.0 allows an unauthenticated remote attacker to upload arbitrary files to arbitrary directories.
CVSS Score
7.5
EPSS Score
0.003
Published
2022-05-13
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=individuals/view_individual&id=.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-05-13
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/individuals/update_status.php?id=.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-05-13
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/classes/Master.php?f=delete_application.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-05-13
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=applications/view_application&id=.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-05-13
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/applications/update_status.php?id=.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-05-13
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via ctpms/admin/?page=user/manage_user&id=.
CVSS Score
7.2
EPSS Score
0.003
Published
2022-05-13