| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2016-15015 | viafintech Barzahlen Payment Module PHP SDK Webhook.php verify timing discrepancy | viafintech | Barzahlen Payment Module PHP SDK | Low | 2.6 | 2023-01-08 17:15:32 | Deep Dive |
| CVE-2022-4455 | sproctor php-calendar index.php cross site scripting | sproctor | php-calendar | Low | 3.5 | 2022-12-13 00:00:00 | Deep Dive |
| CVE-2022-3881 | WPTools < 3.43 - Subscriber+ Arbitrary Plugin Installation | Unknown | WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log | 中危 | - | 2022-12-12 17:54:55 | Deep Dive |
| CVE-2022-3882 | WP Memory < 2.46 - Subscriber+ Arbitrary Plugin Installation | Unknown | Memory Usage, Memory Limit, PHP and Server Memory Health Check and Fix Plugin | 中危 | - | 2022-12-12 17:54:34 | Deep Dive |
| CVE-2022-31630 | OOB read due to insufficient input validation in imageloadfont() | PHP Group | PHP | Medium | 6.5 | 2022-11-14 06:53:07 | Deep Dive |
| CVE-2022-3972 | Pingkon HMS-PHP adminlogin.php sql injection | Pingkon | HMS-PHP | High | 7.3 | 2022-11-13 00:00:00 | Deep Dive |
| CVE-2022-3973 | Pingkon HMS-PHP Data Pump Metadata admin.php sql injection | Pingkon | HMS-PHP | High | 7.3 | 2022-11-13 00:00:00 | Deep Dive |
| CVE-2022-40294 | CSV Injection in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC | PHP Point of Sale LLC | PHP Point of Sale | 高危 | - | 2022-10-31 20:09:24 | Deep Dive |
| CVE-2022-40290 | Reflected cross-site scripting in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC. | PHP Point of Sale LLC | PHP Point of Sale | 中危 | - | 2022-10-31 20:09:07 | Deep Dive |
| CVE-2022-40295 | Authenticated sensitive information disclosure in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC. | PHP Point of Sale LLC | PHP Point of Sale | 中危 | - | 2022-10-31 20:08:54 | Deep Dive |
| CVE-2022-40287 | Stored cross-site scripting in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC via user profile data fields. | PHP Point of Sale LLC | PHP Point of Sale | 超危 | - | 2022-10-31 20:08:12 | Deep Dive |
| CVE-2022-40296 | Server-side request forgery (SSRF) in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC. | PHP Point of Sale LLC | PHP Point of Sale | 超危 | - | 2022-10-31 20:07:57 | Deep Dive |
| CVE-2022-40289 | Stored cross-site scripting in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC via file upload and download functionality. | PHP Point of Sale LLC | PHP Point of Sale | 超危 | - | 2022-10-31 20:07:43 | Deep Dive |
| CVE-2022-40292 | Unauthenticated username enumeration in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC. | PHP Point of Sale LLC | PHP Point of Sale | 中危 | - | 2022-10-31 20:07:10 | Deep Dive |
| CVE-2022-40291 | Cross-site request forgery (CSRF) in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC | PHP Point of Sale LLC | PHP Point of Sale | 高危 | - | 2022-10-31 20:06:42 | Deep Dive |
| CVE-2022-40293 | Session fixation in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC. | PHP Point of Sale LLC | PHP Point of Sale | 超危 | - | 2022-10-31 20:05:55 | Deep Dive |
| CVE-2022-40288 | Stored cross-site scripting in PHP Point of Sale version 19.0, by PHP Point of Sale, LLC via messaging functionality | PHP Point of Sale LLC | PHP Point of Sale | 超危 | - | 2022-10-31 20:05:35 | Deep Dive |
| CVE-2022-31629 | $_COOKIE names string replacement (. -> _): cookie integrity vulnerabilities | PHP Group | PHP | 中危 | - | 2022-09-28 22:25:10 | Deep Dive |
| CVE-2022-31628 | phar wrapper can occur dos when using quine gzip file | PHP Group | PHP | Low | 2.3 | 2022-09-28 22:25:09 | Deep Dive |
| CVE-2022-37344 | WordPress Accommodation System plugin <= 1.0.1 - Missing Access Control vulnerability | PHP Crafts | Accommodation System (WordPress plugin) | High | 7.6 | 2022-09-06 22:19:14 | Deep Dive |