CyberSecurityBoard
Sponsor Register Login

CVE-2022-2727

A vulnerability was found in SourceCodester Gym Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /mygym/admin/login.php. The manipulation of the argument admin_email/admin_pass leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205855.

Publication date: Tue, 09 Aug 2022 16:15:00 +0000


Cyber News related to CVE-2022-2727

CVE-2022-2727 - A vulnerability was found in SourceCodester Gym Management System. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /mygym/admin/login.php. The manipulation of the argument ...
2 years ago
CVE-2008-2727 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2008-2725. Reason: This candidate is a duplicate of CVE-2008-2725. Notes: All CVE users should reference CVE-2008-2725 instead of this candidate. All references and descriptions in ...
55 years ago Tenable.com
CVE-2015-2727 - Mozilla Firefox 38.0 and Firefox ESR 38.0 allow user-assisted remote attackers to read arbitrary files or execute arbitrary JavaScript code with chrome privileges via a crafted web site that is accessed with unspecified mouse and keyboard actions. ...
8 years ago
CVE-2013-2729 - Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2727. ...
6 months ago
CVE-2013-2727 - Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2729. ...
7 years ago
CVE-2007-2728 - The soap extension in PHP calls php_rand_r with an uninitialized seed variable, which has unknown impact and attack vectors, a related issue to the mcrypt_create_iv issue covered by CVE-2007-2727. ...
3 years ago
CVE-2009-2727 - Stack-based buffer overflow in the _tt_internal_realpath function in the ToolTalk library (libtt.a) in IBM AIX 5.2.0, 5.3.0, 5.3.7 through 5.3.10, and 6.1.0 through 6.1.3, when the rpc.ttdbserver daemon is enabled in /etc/inetd.conf, allows remote ...
15 years ago
CVE-2011-2727 - The (1) templatewrap/templatefoot.php, (2) cmsjs/plugin.js.php, and (3) cmsincludes/cms_plugin_api_link.inc.php scripts in Tribal Tribiq CMS before 5.2.7c allow remote attackers to obtain sensitive information via a direct request, which reveals the ...
9 years ago
CVE-2005-2727 - Home Ftp Server 1.0.7 stores sensitive user information and server information in the same directory as the user's home directory, which allows remote authenticated users to obtain sensitive information by obtaining ftpmembers.lst and ...
7 years ago
CVE-2004-2727 - Buffer overflow in MEHTTPS (HTTPMail) of MailEnable Professional 1.5 through 1.7 allows remote attackers to cause a denial of service (application crash) via a long HTTP GET request. ...
7 years ago
CVE-2012-2727 - Open redirect vulnerability in the Janrain Capture module 6.x-1.0 and 7.x-1.0 for Drupal, when synchronizing user data, allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the destination ...
7 years ago
CVE-2006-2727 - home/register.php in Eggblog before 3.0 allows remote attackers to change the password of administrators and possibly other users via a modified username parameter. This vulnerability is addressed in the following product release: ...
6 years ago
CVE-2017-2727 - Huawei P9 smart phones with software versions earlier before EVA-AL00C00B365, versions earlier before EVA-AL10C00B365,Versions earlier before EVA-CL00C92B365, versions earlier before EVA-DL00C17B365, versions earlier before EVA-TL00C01B365 have a ...
5 years ago
CVE-2014-2727 - The STARTTLS implementation in MailMarshal before 7.2 allows plaintext command injection. ...
4 years ago
CVE-2007-2727 - The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP before 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), ...
2 years ago
CVE-2018-2727 - Vulnerability in the Oracle Financial Services Market Risk Measurement and Management component of Oracle Financial Services Applications (subcomponent: User Interface). The supported version that is affected is 8.0.5. Easily exploitable ...
5 years ago
CVE-2019-2727 - Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). The supported version that is affected is 13.3. Easily exploitable vulnerability allows ...
4 years ago
CVE-2020-2727 - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged ...
3 years ago
CVE-2023-2727 - Users may be able to launch containers using images that are restricted by ImagePolicyWebhook when using ephemeral containers. Kubernetes clusters are only affected if the ImagePolicyWebhook admission plugin is used together with ephemeral ...
1 year ago
CVE-2010-2727 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2010. Notes: none ...
55 years ago Tenable.com
CVE-2016-2727 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none ...
55 years ago Tenable.com
CVE-2024-2727 - HTML injection vulnerability affecting the CIGESv2 system, which allows an attacker to inject arbitrary code and modify elements of the website and email confirmation message. ...
10 months ago
CVE-2024-36919 - In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Remove spin_lock_bh while releasing resources after upload The session resources are used by FW and driver when session is offloaded, once session is uploaded these ...
8 months ago Tenable.com
31 Alarming Identity Theft Statistics for 2024 - Identity theft is a prevalent issue that affects millions of people annually. Although the numbers are startling, we've selected the 31 most concerning identity theft statistics to help you understand how to secure your identity. In 2022, the FTC ...
1 year ago Pandasecurity.com
SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022 - MSSPs took the lead in cybersecurity M&A in 2022 with twice as many deals as in 2021. An analysis conducted by SecurityWeek shows that more than 450 cybersecurity-related mergers and acquisitions were announced in 2022. In 2022, we tracked a total of ...
2 years ago Securityweek.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)