CyberSecurityBoard
Sponsor Register Login

CVE-2022-3733

A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been classified as critical. This affects an unknown part of the file Admin/edit-admin.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212415.

Publication date: Fri, 28 Oct 2022 13:15:00 +0000


Cyber News related to CVE-2022-3733

CVE-2022-48919 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago
CVE-2022-3733 - A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been classified as critical. This affects an unknown part of the file Admin/edit-admin.php. The manipulation of the argument id leads to sql injection. It is ...
3 years ago
CVE-2005-3733 - The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly ...
15 years ago
CVE-2019-3733 - RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. A malicious remote user could ...
3 years ago
CVE-2011-3733 - Elgg 1.7.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by vendors/simpletest/test/visual_test.php and certain other files. ...
14 years ago
CVE-2012-3733 - Messages in Apple iOS before 6, when multiple iMessage e-mail addresses are configured, does not ensure that a reply's sender address matches the recipient address of the original message, which allows remote attackers to obtain potentially ...
8 years ago
CVE-2010-3733 - The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a uses world-writable permissions for the sqllib/cfg/db2sprf file, which might allow local users to gain privileges by modifying this file. ...
8 years ago
CVE-2008-3733 - Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .eop (aka playlist) file with a ProjectElement element that contains a long Name element. ...
8 years ago
CVE-2009-3733 - Directory traversal vulnerability in VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138 on Linux, VMware ESXi 3.5, and VMware ESX 3.0.3 and 3.5 allows remote attackers to read arbitrary files via unspecified vectors. ...
7 years ago
CVE-2007-1157 - Cross-site request forgery (CSRF) vulnerability in jmx-console/HtmlAdaptor in JBoss allows remote attackers to perform privileged actions as administrators via certain MBean operations, a different vulnerability than CVE-2006-3733. Affected product ...
7 years ago
CVE-2006-3733 - jmx-console/HtmlAdaptor in the jmx-console in the JBoss web application server, as shipped with Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1, allows remote attackers to gain privileges as the CS-MARS administrator ...
7 years ago
CVE-2015-3733 - WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web ...
7 years ago
CVE-2017-3733 - During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on ciphersuite). Both clients and servers ...
6 years ago
CVE-2020-3733 - Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. ...
6 years ago
CVE-2016-3733 - The "restore teacher" feature in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to overwrite the course idnumber. ...
5 years ago
CVE-2018-3733 - crud-file-server node module before 0.9.0 suffers from a Path Traversal vulnerability due to incorrect validation of url, which allows a malicious user to read content of any file with known path. ...
3 years ago
CVE-2021-3733 - There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an ...
2 years ago
CVE-2023-3733 - Inappropriate implementation in WebApp Installs in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) ...
2 years ago
CVE-2007-3733 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none ...
56 years ago Tenable.com
CVE-2024-3733 - The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajax_load_more() , ...
1 year ago
CVE-2025-3733 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Drupal baguetteBox.Js allows Cross-Site Scripting (XSS).This issue affects baguetteBox.Js: from 0.0.0 before 2.0.4, from 3.0.0 before 3.0.1. ...
10 months ago
CVE-2024-35886 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago
CVE-2025-22070 - In the Linux kernel, the following vulnerability has been resolved: ...
10 months ago
31 Alarming Identity Theft Statistics for 2024 - Identity theft is a prevalent issue that affects millions of people annually. Although the numbers are startling, we've selected the 31 most concerning identity theft statistics to help you understand how to secure your identity. In 2022, the FTC ...
2 years ago Pandasecurity.com
SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022 - MSSPs took the lead in cybersecurity M&A in 2022 with twice as many deals as in 2021. An analysis conducted by SecurityWeek shows that more than 450 cybersecurity-related mergers and acquisitions were announced in 2022. In 2022, we tracked a total of ...
3 years ago Securityweek.com

Latest Cyber News


    Cyber Trends (last 7 days)


    Trending Cyber News (last 7 days)