CWE-707
222 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-707 (page 2 of 5)
- CVE-2022-3503 LOW CVSS 3.5 EG 5.4 2022-10-14
A vulnerability was found in SourceCodester Purchase Order Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Supplier Handler. The manipulation of the argument Supplier Nam…
- CVE-2022-3504 MEDIUM CVSS 6.3 EG 9.8 2022-10-14
A vulnerability was found in SourceCodester Sanitization Management System and classified as critical. This issue affects some unknown processing of the file /php-sms/?p=services/view_service. The manipulation of the argument id leads to s…
- CVE-2022-3505 LOW CVSS 3.5 EG 5.4 2022-10-14
A vulnerability was found in SourceCodester Sanitization Management System. It has been classified as problematic. Affected is an unknown function of the file /php-sms/admin/. The manipulation of the argument page leads to cross site scrip…
- CVE-2022-3518 LOW CVSS 2.4 EG 6.1 2022-10-15
A vulnerability classified as problematic has been found in SourceCodester Sanitization Management System 1.0. Affected is an unknown function of the component User Creation Handler. The manipulation of the argument First Name/Middle Name/…
- CVE-2022-3519 LOW CVSS 2.4 EG 6.1 2022-10-15
A vulnerability classified as problematic was found in SourceCodester Sanitization Management System 1.0. Affected by this vulnerability is an unknown functionality of the component Quote Requests Tab. The manipulation of the argument Mana…
- CVE-2022-3546 LOW CVSS 2.4 EG 4.8 2022-10-17
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /csms/admin/?page=user/list of the component Create User …
- CVE-2022-3547 LOW CVSS 2.4 EG 4.8 2022-10-17
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /csms/admin/?page=system_info of the component Setting Handler. The mani…
- CVE-2022-3548 LOW CVSS 2.4 EG 4.8 2022-10-17
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Add New Storage Handler. The manipulation of the argument …
- CVE-2022-3579 MEDIUM CVSS 6.3 EG 8.8 2022-10-18
A vulnerability classified as critical was found in SourceCodester Cashier Queuing System 1.0. This vulnerability affects unknown code of the file /queuing/login.php of the component Login Page. The manipulation of the argument username/pa…
- CVE-2022-3580 LOW CVSS 2.4 EG 6.1 2022-10-18
A vulnerability, which was classified as problematic, has been found in SourceCodester Cashier Queuing System 1.0.1. This issue affects some unknown processing of the component User Creation Handler. The manipulation leads to cross site sc…
- CVE-2022-3581 LOW CVSS 2.4 EG 6.1 2022-10-18
A vulnerability, which was classified as problematic, was found in SourceCodester Cashier Queuing System 1.0. Affected is an unknown function of the component Cashiers Tab. The manipulation of the argument Name leads to cross site scriptin…
- CVE-2022-3583 HIGH CVSS 7.3 EG 9.8 2022-10-18
A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument business leads to sql injection. T…
- CVE-2022-3584 MEDIUM CVSS 6.3 EG 8.8 2022-10-18
A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file edituser.php. The manipulation of the argument id leads to sql injection. The …
- CVE-2022-3587 LOW CVSS 3.5 EG 5.4 2022-10-18
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component My Account. The manipulation of the arg…
- CVE-2022-3671 MEDIUM CVSS 6.3 EG 9.8 2022-10-26
A vulnerability classified as critical was found in SourceCodester eLearning System 1.0. This vulnerability affects unknown code of the file /admin/students/manage.php. The manipulation of the argument id leads to sql injection. The attack…
- CVE-2022-3672 LOW CVSS 3.5 EG 6.1 2022-10-26
A vulnerability, which was classified as problematic, has been found in SourceCodester Sanitization Management System 1.0. This issue affects some unknown processing of the file /php-sms/classes/SystemSettings.php. The manipulation of the …
- CVE-2022-3673 LOW CVSS 3.5 EG 6.1 2022-10-26
A vulnerability, which was classified as problematic, was found in SourceCodester Sanitization Management System 1.0. Affected is an unknown function of the file /php-sms/classes/Master.php. The manipulation of the argument message leads t…
- CVE-2022-3704 LOW CVSS 3.5 EG 3.5 2022-10-26
A vulnerability classified as problematic has been found in Ruby on Rails. This affects an unknown part of the file actionpack/lib/action_dispatch/middleware/templates/routes/_table.html.erb. The manipulation leads to cross site scripting.…
- CVE-2022-3714 MEDIUM CVSS 5.0 EG 9.8 2022-10-27
A vulnerability classified as critical has been found in SourceCodester Online Medicine Ordering System 1.0. Affected is an unknown function of the file admin/?page=orders/view_order. The manipulation of the argument id leads to sql inject…
- CVE-2022-3716 LOW CVSS 3.5 EG 5.4 2022-10-27
A vulnerability classified as problematic was found in SourceCodester Online Medicine Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /omos/admin/?page=user/list. The manipulation of the argument…
- CVE-2022-3729 MEDIUM CVSS 6.3 EG 9.8 2022-10-28
A vulnerability, which was classified as critical, has been found in seccome Ehoney. This issue affects some unknown processing of the file /api/v1/attack. The manipulation of the argument AttackIP leads to sql injection. The attack may be…
- CVE-2022-3730 MEDIUM CVSS 6.3 EG 9.8 2022-10-28
A vulnerability, which was classified as critical, was found in seccome Ehoney. Affected is an unknown function of the file /api/v1/attack/falco. The manipulation of the argument Payload leads to sql injection. It is possible to launch the…
- CVE-2022-3731 MEDIUM CVSS 6.3 EG 9.8 2022-10-28
A vulnerability has been found in seccome Ehoney and classified as critical. Affected by this vulnerability is an unknown functionality of the file /api/v1/attack/token. The manipulation of the argument Payload leads to sql injection. The …
- CVE-2022-3732 MEDIUM CVSS 6.3 EG 9.8 2022-10-28
A vulnerability was found in seccome Ehoney and classified as critical. Affected by this issue is some unknown functionality of the file /api/v1/bait/set. The manipulation of the argument Payload leads to sql injection. The attack may be l…
- CVE-2022-3733 MEDIUM CVSS 5.0 EG 8.8 2022-10-28
A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been classified as critical. This affects an unknown part of the file Admin/edit-admin.php. The manipulation of the argument id leads to sql injection. …
- CVE-2022-3783 LOW CVSS 3.5 EG 3.5 2022-10-31
A vulnerability, which was classified as problematic, has been found in node-red-dashboard. This issue affects some unknown processing of the file components/ui-component/ui-component-ctrl.js of the component ui_text Format Handler. The ma…
- CVE-2022-3789 MEDIUM CVSS 5.5 EG 9.8 2022-11-01
A vulnerability has been found in Tim Campus Confession Wall and classified as critical. Affected by this vulnerability is an unknown functionality of the file share.php. The manipulation of the argument post_id leads to sql injection. The…
- CVE-2022-3798 MEDIUM CVSS 6.3 EG 6.3 2022-11-01
A vulnerability classified as critical has been found in IBAX go-ibax. Affected is an unknown function of the file /api/v2/open/tablesInfo. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit …
- CVE-2022-3799 MEDIUM CVSS 6.3 EG 6.3 2022-11-01
A vulnerability classified as critical was found in IBAX go-ibax. Affected by this vulnerability is an unknown functionality of the file /api/v2/open/tablesInfo. The manipulation leads to sql injection. The attack can be launched remotely.…
- CVE-2022-3800 MEDIUM CVSS 6.3 EG 6.3 2022-11-01
A vulnerability, which was classified as critical, has been found in IBAX go-ibax. Affected by this issue is some unknown functionality of the file /api/v2/open/rowsInfo. The manipulation of the argument table_name leads to sql injection. …
- CVE-2022-3801 MEDIUM CVSS 6.3 EG 6.3 2022-11-01
A vulnerability, which was classified as critical, was found in IBAX go-ibax. This affects an unknown part of the file /api/v2/open/rowsInfo. The manipulation of the argument order leads to sql injection. It is possible to initiate the att…
- CVE-2022-3802 MEDIUM CVSS 6.3 EG 6.3 2022-11-01
A vulnerability has been found in IBAX go-ibax and classified as critical. This vulnerability affects unknown code of the file /api/v2/open/rowsInfo. The manipulation of the argument where leads to sql injection. The attack can be initiate…
- CVE-2022-3803 LOW CVSS 3.5 EG 6.1 2022-11-01
A vulnerability was found in eolinker apinto-dashboard and classified as problematic. This issue affects some unknown processing of the file /api/discoveries/. The manipulation leads to cross site scripting. The attack may be initiated rem…
- CVE-2022-3804 MEDIUM CVSS 4.3 EG 6.1 2022-11-01
A vulnerability was found in eolinker apinto-dashboard. It has been classified as problematic. Affected is an unknown function of the file /login. The manipulation of the argument callback leads to cross site scripting. It is possible to l…
- CVE-2022-3825 MEDIUM CVSS 6.3 EG 6.5 2022-11-02
A vulnerability was found in Huaxia ERP 2.3 and classified as critical. Affected by this issue is some unknown functionality of the component User Management. The manipulation of the argument login leads to sql injection. The attack may be…
- CVE-2022-3827 MEDIUM CVSS 6.3 EG 6.3 2022-11-02
A vulnerability was found in centreon. It has been declared as critical. This vulnerability affects unknown code of the file formContactGroup.php of the component Contact Groups Form. The manipulation of the argument cg_id leads to sql inj…
- CVE-2022-3845 LOW CVSS 2.4 EG 6.1 2022-11-02
A vulnerability has been found in phpipam and classified as problematic. Affected by this vulnerability is an unknown functionality of the file app/admin/import-export/import-load-data.php of the component Import Preview Handler. The manip…
- CVE-2022-3868 MEDIUM CVSS 4.7 EG 9.8 2022-11-05
A vulnerability classified as critical has been found in SourceCodester Sanitization Management System. Affected is an unknown function of the file /php-sms/classes/Master.php?f=save_quote. The manipulation of the argument id leads to sql …
- CVE-2022-3877 LOW CVSS 3.5 EG 5.4 2022-12-19
A vulnerability, which was classified as problematic, was found in Click Studios Passwordstate and Passwordstate Browser Extension Chrome. Affected is an unknown function of the component URL Field Handler. The manipulation leads to cross …
- CVE-2022-3878 HIGH CVSS 7.3 EG 9.8 2022-11-07
A vulnerability classified as critical has been found in Maxon ERP. This affects an unknown part of the file /index.php/purchase_order/browse_data. The manipulation of the argument tb_search leads to sql injection. It is possible to initia…
- CVE-2022-3941 MEDIUM CVSS 5.3 EG 9.8 2022-11-11
A vulnerability has been found in Activity Log Plugin and classified as critical. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutr…
- CVE-2022-3942 MEDIUM CVSS 4.3 EG 6.1 2022-11-11
A vulnerability was found in SourceCodester Sanitization Management System and classified as problematic. This issue affects some unknown processing of the file php-sms/?p=request_quote. The manipulation leads to cross site scripting. The …
- CVE-2022-3943 LOW CVSS 3.5 EG 5.4 2022-11-11
A vulnerability was found in ForU CMS. It has been classified as problematic. Affected is an unknown function of the file cms_chip.php. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attac…
- CVE-2022-3947 MEDIUM CVSS 6.3 EG 9.8 2022-11-11
A vulnerability classified as critical has been found in eolinker goku_lite. This affects an unknown part of the file /balance/service/list. The manipulation of the argument route/keyword leads to sql injection. It is possible to initiate …
- CVE-2022-3948 MEDIUM CVSS 6.3 EG 9.8 2022-11-11
A vulnerability classified as critical was found in eolinker goku_lite. This vulnerability affects unknown code of the file /plugin/getList. The manipulation of the argument route/keyword leads to sql injection. The attack can be initiated…
- CVE-2022-3949 LOW CVSS 3.5 EG 6.1 2022-11-11
A vulnerability, which was classified as problematic, has been found in Sourcecodester Simple Cashiering System. This issue affects some unknown processing of the component User Account Handler. The manipulation of the argument fullname le…
- CVE-2022-3950 LOW CVSS 3.5 EG 6.1 2022-11-11
A vulnerability, which was classified as problematic, was found in sanluan PublicCMS. Affected is the function initLink of the file dwz.min.js of the component Tab Handler. The manipulation leads to cross site scripting. It is possible to …
- CVE-2022-3955 HIGH CVSS 7.3 EG 9.8 2022-11-11
A vulnerability was found in tholum crm42. It has been rated as critical. This issue affects some unknown processing of the file crm42\class\class.user.php of the component Login. The manipulation of the argument user_name leads to sql inj…
- CVE-2022-3956 MEDIUM CVSS 6.3 EG 9.8 2022-11-11
A vulnerability classified as critical has been found in tsruban HHIMS 2.1. Affected is an unknown function of the component Patient Portrait Handler. The manipulation of the argument PID leads to sql injection. It is possible to launch th…
- CVE-2022-3963 LOW CVSS 3.5 EG 5.4 2022-11-12
A vulnerability was found in gnuboard5. It has been classified as problematic. Affected is an unknown function of the file bbs/faq.php of the component FAQ Key ID Handler. The manipulation of the argument fm_id leads to cross site scriptin…