Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-41421 | 1 Maianmedia | 1 Maianaffiliate | 2022-06-27 | 3.5 LOW | 4.8 MEDIUM |
| A PHP code injection vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to gain RCE through the MaianAffiliate admin panel. | |||||
| CVE-2021-33295 | 1 Joplin Project | 1 Joplin | 2022-06-27 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute aribrary code due to improper sanitizing of html. | |||||
| CVE-2021-36608 | 1 Webtareas Project | 1 Webtareas | 2022-06-27 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /projects/editproject.php. | |||||
| CVE-2021-36609 | 1 Webtareas Project | 1 Webtareas | 2022-06-27 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /linkedcontent/editfolder.php. | |||||
| CVE-2021-36827 | 1 Ninjaforms | 1 Ninja Forms | 2022-06-27 | 3.5 LOW | 4.8 MEDIUM |
| Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Saturday Drive's Ninja Forms Contact Form plugin <= 3.6.9 at WordPress via "label". | |||||
| CVE-2022-31301 | 1 Angtech | 1 Haraj | 2022-06-27 | 3.5 LOW | 5.4 MEDIUM |
| Haraj v3.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Post Ads component. | |||||
| CVE-2021-41420 | 1 Maianmedia | 1 Maianaffiliate | 2022-06-27 | 3.5 LOW | 5.4 MEDIUM |
| A stored XSS vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker for arbitrary JavaScript code execution in the context of authenticated and unauthenticated users through the MaianAffiliate admin panel. | |||||
| CVE-2022-31914 | 1 Zoo Management System Project | 1 Zoo Management System | 2022-06-27 | 3.5 LOW | 5.4 MEDIUM |
| Zoo Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via zms/admin/public_html/save_animal?an_id=24. | |||||
| CVE-2022-31300 | 1 Angtech | 1 Haraj | 2022-06-27 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site scripting vulnerability in the DM Section component of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. | |||||
| CVE-2022-31298 | 1 Angtech | 1 Haraj | 2022-06-27 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site scripting vulnerability in the ads comment section of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request. | |||||
| CVE-2021-41663 | 1 1234n | 1 Minicms | 2022-06-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability exists in Mini CMS V1.11. The vulnerability exists in the article upload: post-edit.php page. | |||||
| CVE-2022-29455 | 1 Elementor | 1 Website Builder | 2022-06-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions. | |||||
| CVE-2016-1229 | 1 Humhub | 1 Humhub | 2022-06-27 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in HumHub 0.20.0-beta.1 through 0.20.1 and 1.0.0-beta before 1.0.0-beta.3 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2022-30533 | 1 Webnus | 1 Modern Events Calendar Lite | 2022-06-27 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting vulnerability in Modern Events Calendar Lite versions prior to 6.3.0 allows remote an authenticated attacker to inject an arbitrary script via unspecified vectors. | |||||
| CVE-2022-31906 | 1 Online Fire Reporting System Project | 1 Online Fire Reporting System | 2022-06-27 | 3.5 LOW | 4.8 MEDIUM |
| Online Fire Reporting System v1.0 is vulnerable to Cross Site Scripting (XSS) via /ofrs/classes/Master.php. | |||||
| CVE-2022-31910 | 1 Online Tutor Portal Site Project | 1 Online Tutor Portal Site | 2022-06-27 | 3.5 LOW | 4.8 MEDIUM |
| Online Tutor Portal Site v1.0 is vulnerable to Cross Site Scripting (XSS). via /otps/classes/Master.php. | |||||
| CVE-2022-31913 | 1 Online Discussion Forum Site Project | 1 Online Discussion Forum Site | 2022-06-27 | 3.5 LOW | 4.8 MEDIUM |
| Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /odfs/classes/Master.php?f=save_category, name. | |||||
| CVE-2022-29442 | 1 Private Messages Project | 1 Private Messages | 2022-06-27 | 3.5 LOW | 5.4 MEDIUM |
| Authenticated (subscriber or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Messages For WordPress <= 2.1.10 at WordPress. | |||||
| CVE-2022-29440 | 1 Promotion Slider Project | 1 Promotion Slider | 2022-06-27 | 3.5 LOW | 5.4 MEDIUM |
| Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Promotion Slider plugin <= 3.3.4 at WordPress. | |||||
| CVE-2022-21938 | 1 Johnsoncontrols | 3 Metasys Application And Data Server, Metasys Extended Application And Data Server, Metasys Open Application Server | 2022-06-24 | 3.5 LOW | 5.4 MEDIUM |
| Under certain circumstances, a vulnerability in Metasys ADS/ADX/OAS 10 versions prior to 10.1.5 and Metasys ADS/ADX/OAS 11 versions prior to 11.0.2 could allow a user to inject malicious code into the MUI Graphics web interface. | |||||