Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32128 | 1 74cms | 1 74cmsse | 2022-06-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/service/increment/add/im. | |||||
| CVE-2022-32127 | 1 74cms | 1 74cmsse | 2022-06-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/view_be_browsed/total. | |||||
| CVE-2022-32126 | 1 74cms | 1 74cmsse | 2022-06-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company. | |||||
| CVE-2022-32131 | 1 74cms | 1 74cmsse | 2022-06-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /index/notice/show. | |||||
| CVE-2022-32130 | 1 74cms | 1 74cmsse | 2022-06-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/down_resume/total/nature. | |||||
| CVE-2022-32129 | 1 74cms | 1 74cmsse | 2022-06-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/account/safety/trade. | |||||
| CVE-2022-31374 | 1 Contec | 2 Sv-cpt-mc310, Sv-cpt-mc310 Firmware | 2022-06-29 | 7.5 HIGH | 9.8 CRITICAL |
| An arbitrary file upload vulnerability /images/background/1.php in of SolarView Compact 6.0 allows attackers to execute arbitrary code via a crafted php file. | |||||
| CVE-2022-31373 | 1 Contec | 2 Sv-cpt-mc310, Sv-cpt-mc310 Firmware | 2022-06-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| SolarView Compact v6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Solar_AiConf.php. | |||||
| CVE-2022-31306 | 1 F5 | 1 Njs | 2022-06-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_convert_to_slow_array at src/njs_array.c. | |||||
| CVE-2022-31303 | 1 Maccms | 1 Maccms | 2022-06-29 | 3.5 LOW | 5.4 MEDIUM |
| maccms10 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Server Group text field. | |||||
| CVE-2022-2246 | 2022-06-28 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2022-2174 | 1 Microweber | 1 Microweber | 2022-06-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.18. | |||||
| CVE-2022-32159 | 1 Infogami | 1 Infogami | 2022-06-28 | 3.5 LOW | 5.4 MEDIUM |
| In openlibrary versions deploy-2016-07-0 through deploy-2021-12-22 are vulnerable to Stored XSS. | |||||
| CVE-2022-32973 | 1 Tenable | 1 Nessus | 2022-06-28 | 9.0 HIGH | 8.8 HIGH |
| An authenticated attacker could create an audit file that bypasses PowerShell cmdlet checks and executes commands with administrator privileges. | |||||
| CVE-2022-1614 | 1 Wp-email Project | 1 Wp-email | 2022-06-28 | 4.3 MEDIUM | 7.5 HIGH |
| The WP-EMail WordPress plugin before 2.69.0 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based anti-spamming restrictions. | |||||
| CVE-2022-1610 | 1 Seamless Donations Project | 1 Seamless Donations | 2022-06-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| The Seamless Donations WordPress plugin before 5.1.9 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack | |||||
| CVE-2022-31786 | 1 Ideaco | 1 Idealms | 2022-06-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| IdeaLMS 2022 allows reflected Cross Site Scripting (XSS) via the IdeaLMS/Class/Assessment/ PATH_INFO. | |||||
| CVE-2022-33995 | 1 Devolutions | 1 Remote Desktop Manager | 2022-06-28 | 5.0 MEDIUM | 7.5 HIGH |
| A path traversal issue in entry attachments in Devolutions Remote Desktop Manager before 2022.2 allows attackers to create or overwrite files in an arbitrary location. | |||||
| CVE-2022-32974 | 1 Tenable | 1 Nessus | 2022-06-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| An authenticated attacker could read arbitrary files from the underlying operating system of the scanner using a custom crafted compliance audit file without providing any valid SSH credentials. | |||||
| CVE-2022-25585 | 1 Unioncms Project | 1 Unioncms | 2022-06-28 | 3.5 LOW | 5.4 MEDIUM |
| Unioncms v1.0.13 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Default settings. | |||||