Total
38437 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-35213 | 1 Ecommerce-codeigniter-bootstrap Project | 1 Ecommerce-codeigniter-bootstrap | 2024-11-21 | N/A | 6.1 MEDIUM |
| Ecommerce-CodeIgniter-Bootstrap before commit 56465f was discovered to contain a cross-site scripting (XSS) vulnerability via the function base_url() at /blog/blogpublish.php. | |||||
| CVE-2022-35212 | 1 Oscommerce | 1 Oscommerce | 2024-11-21 | N/A | 6.1 MEDIUM |
| osCommerce2 before v2.3.4.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the function tep_db_error(). | |||||
| CVE-2022-35194 | 1 Testlink | 1 Testlink | 2024-11-21 | N/A | 5.4 MEDIUM |
| TestLink v1.9.20 was discovered to contain a stored cross-site scripting (XSS) vulnerability via /lib/inventory/inventoryView.php. | |||||
| CVE-2022-35174 | 1 Getkirby | 1 Starterkit | 2024-11-21 | N/A | 5.4 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in Kirby's Starterkit v3.7.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tags field. | |||||
| CVE-2022-35172 | 1 Sap | 1 Netweaver Enterprise Portal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in reflected Cross-Site Scripting (XSS) vulnerability. | |||||
| CVE-2022-35170 | 1 Sap | 1 Netweaver Enterprise Portal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| SAP NetWeaver Enterprise Portal does - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, not sufficiently encode user-controlled inputs over the network, resulting in reflected Cross-Site Scripting (XSS) vulnerability, therefore changing the scope of the attack. This leads to limited impact on confidentiality and integrity of data. | |||||
| CVE-2022-35163 | 1 Complete Online Job Search System Project | 1 Complete Online Job Search System | 2024-11-21 | N/A | 4.8 MEDIUM |
| Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the U_NAME parameter at /category/controller.php?action=edit. | |||||
| CVE-2022-35162 | 1 Complete Online Job Search System Project | 1 Complete Online Job Search System | 2024-11-21 | N/A | 4.8 MEDIUM |
| Complete Online Job Search System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the CATEGORY parameter at /category/controller.php?action=edit. | |||||
| CVE-2022-35151 | 1 Keking | 1 Kkfileview | 2024-11-21 | N/A | 6.1 MEDIUM |
| kkFileView v4.1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the urls and currentUrl parameters at /controller/OnlinePreviewController.java. | |||||
| CVE-2022-35144 | 1 Raneto Project | 1 Raneto | 2024-11-21 | N/A | 4.8 MEDIUM |
| Renato v0.17.0 was discovered to contain a cross-site scripting (XSS) vulnerability. | |||||
| CVE-2022-35133 | 1 Cherrytree Project | 1 Cherrytree | 2024-11-21 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in CherryTree v0.99.30 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name text field when creating a node. | |||||
| CVE-2022-35131 | 1 Joplinapp | 1 Joplin | 2024-11-21 | N/A | 9.0 CRITICAL |
| Joplin v2.8.8 allows attackers to execute arbitrary commands via a crafted payload injected into the Node titles. | |||||
| CVE-2022-35118 | 1 Pyrocms | 1 Pyrocms | 2024-11-21 | N/A | 6.1 MEDIUM |
| PyroCMS v3.9 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities. | |||||
| CVE-2022-35117 | 1 Oretnom23 | 1 Clinic\'s Patient Management System | 2024-11-21 | N/A | 4.8 MEDIUM |
| Clinic's Patient Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via update_medicine_details.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Packing text box under the Update Medical Details module. | |||||
| CVE-2022-34991 | 1 Techvill | 1 Paymoney | 2024-11-21 | N/A | 5.4 MEDIUM |
| Paymoney v3.3 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities via the first_name and last_name parameters. | |||||
| CVE-2022-34988 | 1 Inoutscripts | 1 Blockchain Altexchanger | 2024-11-21 | N/A | 5.4 MEDIUM |
| Inout Blockchain AltExchanger v1.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/js. | |||||
| CVE-2022-34966 | 1 Openteknik | 1 Open Source Social Network | 2024-11-21 | N/A | 7.5 HIGH |
| OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an HTML injection vulnerability via the location parameter at http://ip_address/:port/ossn/home. | |||||
| CVE-2022-34964 | 1 Openteknik | 1 Open Source Social Network | 2024-11-21 | N/A | 4.8 MEDIUM |
| OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the SitePages module. | |||||
| CVE-2022-34963 | 1 Openteknik | 1 Open Source Social Network | 2024-11-21 | N/A | 5.4 MEDIUM |
| OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the News Feed module. | |||||
| CVE-2022-34962 | 1 Openteknik | 1 Open Source Social Network | 2024-11-21 | N/A | 5.4 MEDIUM |
| OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Group Timeline module. | |||||