CVE-2022-31494

LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php action XSS.Read More ...

Continue Reading

June 06, 2022

CVE-2022-29296

A reflected cross-site scripting (XSS) vulnerability in the login portal of Avantune Genialcloud ProJ - 10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.Read More ...

Continue Reading

June 06, 2022

CVE-2022-28479

SeedDMS versions 6.0.18 and 5.1.25 and below are vulnerable to stored XSS. An attacker with admin privileges can inject the payload inside the "Role management" menu and then trigger the payload by lo ...

Continue Reading

June 06, 2022

CVE-2022-28478

SeedDMS 6.0.17 and 5.1.24 are vulnerable to Directory Traversal. The "Remove file" functionality inside the "Log files management" menu does not sanitize user input allowing attackers with admin privi ...

Continue Reading

June 06, 2022

CVE-2022-28051

The "Add category" functionality inside the "Global Keywords" menu in "SeedDMS" version 6.0.18 and 5.1.25, is prone to stored XSS which allows an attacker to inject malicious javascript code.Read More ...

Continue Reading

June 06, 2022

CVE-2022-27438

Caphyon Ltd Advanced Installer 19.2 was discovered to contain a remote code execution (RCE) vulnerability via the Update Check function.Read More ...

Continue Reading

June 06, 2022

CVE-2022-30927

A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vul ...

Continue Reading

June 06, 2022

CVE-2022-32511

jmespath.rb (aka JMESPath for Ruby) before 1.6.1 uses JSON.load in a situation where JSON.parse is preferable.Read More ...

Continue Reading

June 06, 2022

1 90,303 90,304 90,305 90,306 90,307 90,833

Back to Main
Subscribe for the latest news: