CVE-2022-34323

Multiple XSS issues were discovered in Sage XRT Business Exchange 12.4.302 that allow an attacker to execute JavaScript code in the context of other users' browsers. The attacker needs to be authentic ...

Continue Reading

January 01, 2023

CVE-2022-45213

perfSONAR before 4.4.6 inadvertently supports the parse option for a file:// URL.Read More ...

Continue Reading

January 01, 2023

CVE-2022-37786

An issue was discovered in WeCube Platform 3.2.2. There are multiple CSV injection issues: the [Home / Admin / Resources] page, the [Home / Admin / System Params] page, and the [Home / Design / Baseke ...

Continue Reading

January 01, 2023

CVE-2022-40711

PrimeKey EJBCA 7.9.0.2 Community allows stored XSS in the End Entity section. A user with the RA Administrator role can inject an XSS payload to target higher-privilege users.Read More ...

Continue Reading

January 01, 2023

CVE-2022-45027

perfSONAR before 4.4.6, when performing participant discovery, incorrectly uses an HTTP request header value to determine a local address.Read More ...

Continue Reading

January 01, 2023

CVE-2022-37785

An issue was discovered in WeCube Platform 3.2.2. Cleartext passwords are displayed in the configuration for terminal plugins.Read More ...

Continue Reading

January 01, 2023

CVE-2022-34324

Multiple SQL injections in Sage XRT Business Exchange 12.4.302 allow an authenticated attacker to inject malicious data in SQL queries: Add Currencies, Payment Order, and Transfer History.Read More ...

Continue Reading

January 01, 2023

CVE-2022-47634

M-Link Archive Server in Isode M-Link R16.2v1 through R17.0 before R17.0v24 allows non-administrative users to access and manipulate archive data via certain HTTP endpoints, aka LINK-2867.Read More ...

Continue Reading

January 01, 2023

1 371,048 371,049 371,050 371,051 371,052 385,998

Back to Main
Subscribe for the latest news: