Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In October 2022
CVE-2022-40834
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_not_like() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-10-07
CVE-2022-40835
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php. Note: Multiple third parties have disputed this as not a valid vulnerability
CVSS Score
9.8
EPSS Score
0.001
Published
2022-10-07
CVE-2022-40872
An SQL injection vulnerability issue was discovered in Sourcecodester Simple E-Learning System 1.0., in /vcs/classRoom.php?classCode=, classCode.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-10-07
CVE-2022-3423
Allocation of Resources Without Limits or Throttling in GitHub repository nocodb/nocodb prior to 0.92.0.
CVSS Score
7.3
EPSS Score
0.014
Published
2022-10-07
CVE-2022-40824
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php or_where() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-10-07
CVE-2022-40825
B.C. Institute of Technology CodeIgniter <=3.1.13 is vulnerable to SQL Injection via system\database\DB_query_builder.php where_in() function. Note: Multiple third parties have disputed this as not a valid vulnerability.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-10-07
CVE-2022-3422
Account Takeover :: when see the info i can see the hash pass i can creaked it ............... Account Takeover :: when see the info i can see the forgot_password_token the hacker can send the request and changed the pass
CVSS Score
9.8
EPSS Score
0.001
Published
2022-10-07
CVE-2022-41672
In Apache Airflow, prior to version 2.4.1, deactivating a user wouldn't prevent an already authenticated user from being able to continue using the UI or API.
CVSS Score
8.1
EPSS Score
0.002
Published
2022-10-07
CVE-2022-3414
A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been classified as critical. Affected is an unknown function of the file /Admin/login.php of the component POST Parameter Handler. The manipulation of the argument txtusername leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-210246 is the identifier assigned to this vulnerability.
CVSS Score
5.0
EPSS Score
0.001
Published
2022-10-07
CVE-2022-2929
In ISC DHCP 1.0 -> 4.4.3, ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16-P1 a system with access to a DHCP server, sending DHCP packets crafted to include fqdn labels longer than 63 bytes, could eventually cause the server to run out of memory.
CVSS Score
6.5
EPSS Score
0.0
Published
2022-10-07


Products
Pricing
Contact Us

Shodan ® - All rights reserved