Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2022-07-14	CVE-2022-32409	Path Traversal vulnerability in Softwarepublico I3Geo 7.0.5 A local file inclusion (LFI) vulnerability in the component codemirror.php of Portal do Software Publico Brasileiro i3geo v7.0.5 allows attackers to execute arbitrary PHP code via a crafted HTTP request. network low complexity softwarepublico CWE-22 critical	9.8
2017-10-23	CVE-2017-15381	SQL Injection vulnerability in Softwarepublico E-Sic 1.0 SQL Injection exists in E-Sic 1.0 via the f parameter to esiclivre/restrito/inc/buscacep.php (aka the zip code search script). network low complexity softwarepublico CWE-89 critical	9.8
2017-10-23	CVE-2017-15379	SQL Injection vulnerability in Softwarepublico E-Sic 1.0 An authentication bypass exists in the E-Sic 1.0 /index (aka login) URI via '=''or' values for the username and password. network low complexity softwarepublico CWE-89 critical	9.8
2017-10-16	CVE-2017-15373	SQL Injection vulnerability in Softwarepublico E-Sic 1.0 E-Sic 1.0 allows SQL injection via the q parameter to esiclivre/restrito/inc/lkpcep.php (aka the search private area). network low complexity softwarepublico CWE-89 critical	9.8