Total
38456 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-3580 | 1 Oretnom23 | 1 Cashier Queuing System | 2024-11-21 | N/A | 2.4 LOW |
| A vulnerability, which was classified as problematic, has been found in SourceCodester Cashier Queuing System 1.0.1. This issue affects some unknown processing of the component User Creation Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-211187. | |||||
| CVE-2022-3562 | 1 Librenms | 1 Librenms | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0. | |||||
| CVE-2022-3548 | 1 Oretnom23 | 1 Simple Cold Storage Management System | 2024-11-21 | N/A | 2.4 LOW |
| A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Add New Storage Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-211048. | |||||
| CVE-2022-3547 | 1 Simple Cold Storage Management System Project | 1 Simple Cold Storage Management System | 2024-11-21 | N/A | 2.4 LOW |
| A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /csms/admin/?page=system_info of the component Setting Handler. The manipulation of the argument System Name/System Short Name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-211047. | |||||
| CVE-2022-3546 | 1 Oretnom23 | 1 Simple Cold Storage Management System | 2024-11-21 | N/A | 2.4 LOW |
| A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /csms/admin/?page=user/list of the component Create User Handler. The manipulation of the argument First Name/Last Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-211046 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3516 | 1 Librenms | 1 Librenms | 2024-11-21 | N/A | 6.1 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0. | |||||
| CVE-2022-3506 | 1 Never5 | 1 Related Posts | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository barrykooij/related-posts-for-wp prior to 2.1.3. | |||||
| CVE-2022-3505 | 1 Sanitization Management System Project | 1 Sanitization Management System | 2024-11-21 | N/A | 3.5 LOW |
| A vulnerability was found in SourceCodester Sanitization Management System. It has been classified as problematic. Affected is an unknown function of the file /php-sms/admin/. The manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-210840. | |||||
| CVE-2022-3502 | 1 Oretnom23 | 1 Human Resource Management System | 2024-11-21 | N/A | 3.5 LOW |
| A vulnerability was found in Human Resource Management System 1.0. It has been classified as problematic. This affects an unknown part of the component Leave Handler. The manipulation of the argument Reason leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-210831. | |||||
| CVE-2022-3497 | 1 Oretnom23 | 1 Human Resource Management System | 2024-11-21 | N/A | 3.5 LOW |
| A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been classified as problematic. Affected is an unknown function of the component Master List. The manipulation of the argument city/state/country/position leads to cross site scripting. It is possible to launch the attack remotely. VDB-210786 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3493 | 1 Oretnom23 | 1 Human Resource Management System | 2024-11-21 | N/A | 3.5 LOW |
| A vulnerability, which was classified as problematic, has been found in SourceCodester Human Resource Management System 1.0. This issue affects some unknown processing of the component Add Employee Handler. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-210773 was assigned to this vulnerability. | |||||
| CVE-2022-3464 | 1 Puppycms | 1 Puppycms | 2024-11-21 | N/A | 4.3 MEDIUM |
| A vulnerability classified as problematic has been found in puppyCMS up to 5.1. This affects an unknown part of the file /admin/settings.php. The manipulation of the argument site_name leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-210699. | |||||
| CVE-2022-3442 | 1 Crealogix | 1 Ebics Server | 2024-11-21 | N/A | 3.5 LOW |
| A vulnerability was found in Crealogix EBICS 7.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /ebics-server/ebics.aspx. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 7.1 is able to address this issue. It is recommended to upgrade the affected component. VDB-210374 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3434 | 1 Web-based Student Clearance System Project | 1 Web-based Student Clearance System | 2024-11-21 | N/A | 3.5 LOW |
| A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been rated as problematic. Affected by this issue is the function prepare of the file /Admin/add-student.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-210356. | |||||
| CVE-2022-3355 | 1 Inventree Project | 1 Inventree | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository inventree/inventree prior to 0.8.3. | |||||
| CVE-2022-3339 | 1 Mcafee | 1 Epolicy Orchestrator | 2024-11-21 | N/A | 5.4 MEDIUM |
| A reflected cross-site scripting (XSS) vulnerability in ePO prior to 5.10 Update 14 allows a remote unauthenticated attacker to potentially obtain access to an ePO administrator's session by convincing the authenticated ePO administrator to click on a carefully crafted link. This would lead to limited access to sensitive information and limited ability to alter some information in ePO. | |||||
| CVE-2022-3255 | 1 Pimcore | 1 Pimcore | 2024-11-21 | N/A | 4.8 MEDIUM |
| If an attacker can control a script that is executed in the victim's browser, then they can typically fully compromise that user. Amongst other things, the attacker can: Perform any action within the application that the user can perform. View any information that the user is able to view. Modify any information that the user is able to modify. Initiate interactions with other application users, including malicious attacks, that will appear to originate from the initial victim user. | |||||
| CVE-2022-3245 | 1 Microweber | 1 Microweber | 2024-11-21 | N/A | 6.1 MEDIUM |
| HTML injection attack is closely related to Cross-site Scripting (XSS). HTML injection uses HTML to deface the page. XSS, as the name implies, injects JavaScript into the page. Both attacks exploit insufficient validation of user input. | |||||
| CVE-2022-3242 | 1 Microweber | 1 Microweber | 2024-11-21 | N/A | 6.1 MEDIUM |
| Code Injection in GitHub repository microweber/microweber prior to 1.3.2. | |||||
| CVE-2022-3231 | 1 Librenms | 1 Librenms | 2024-11-21 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.9.0. | |||||