111 matches found

ATTACKERKB
added 2026/01/16 3:33 a.m. | 2 views

CVE-2026-1022

Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

CVSS 8.7 | AI score 5.7 | EPSS 0.00034
Exploits: 0 | References: 3
RedhatCVE
added 2026/01/07 9:11 a.m. | 2 views

CVE-2025-1022

Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...

CVSS 8.8 | AI score 6.5 | EPSS 0.0018
Exploits: 0 | References: 1
Circl
added 2025/11/25 5:0 a.m. | 1 views

CVE-2025-13698

creationtimestamp | type | source
---|---|---
2025-11-25 05:00:00+00:00 | seen | http://www.zerodayinitiative.com/advisories/ZDI-25-1022/...

CVSS 4.5 | AI score 5.8 | EPSS 0.00321
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 4:5 p.m. | 2 views

CVE-2020-1022

A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'...

CVSS 8 | AI score 8.1 | EPSS 0.39214
Exploits: 0 | References: 1
NVD
added 2025/02/05 5:15 a.m. | 8 views

CVE-2025-1022

Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...

CVSS 8.8 | EPSS 0.0018
Exploits: 0 | References: 4
Circl
added 2025/02/05 5:8 a.m. | 3 views

CVE-2025-1022

creationtimestamp | type | source
---|---|---
2025-02-05 05:08:11+00:00 | seen | https://infosec.exchange/users/cve/statuses/113949546296359039
2025-02-05 05:15:33+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lhfsvjh7k62t
2025-02-05 06:48:35+00:00 | seen |...

CVSS 8.8 | AI score 5.7 | EPSS 0.0018
Exploits: 0 | References: 7
Cvelist
added 2025/02/05 5:0 a.m. | 9 views

CVE-2025-1022

Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...

CVSS 8.8 | EPSS 0.0018
Exploits: 0 | References: 4
Vulnrichment
added 2025/02/05 5:0 a.m. | 5 views

CVE-2025-1022

Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...

CVSS 8.8 | AI score 8.1 | EPSS 0.0018
Exploits: 0 | References: 4
CVE
added 2025/02/05 5:0 a.m. | 58 views

CVE-2025-1022

Versions of spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html(). An attacker can bypass validation by omitting slashes in the file URI (for example, file:../../../../etc/passwd), due to missing input filtering that sh...

CVSS 8.8 | AI score 6.7 | EPSS 0.0018
Exploits: 0 | References: 4
Circl
added 2024/01/30 12:21 a.m. | 1 views

CVE-2024-1022

creationtimestamp | type | source
---|---|---
2024-01-30 00:21:29+00:00 | seen | https://t.me/ctinow/175620
2024-02-21 14:06:54+00:00 | seen | https://t.me/ctinow/189594...

CVSS 4.8 | AI score 4.1 | EPSS 0.00101
Exploits: 1 | References: 2
CVE
added 2024/01/29 11:0 p.m. | 36 views

CVE-2024-1022

CVE-2024-1022 affects CodeAstro Simple Student Result Management System v5.6, with a vulnerability in the /add_classes.php page where manipulating the parameter Class Name enables cross-site scripting (XSS). The issue is exploitable remotely and the exploit has been disclosed publicly. Multiple ...

CVSS 4.8 | AI score 4.9 | EPSS 0.00101
Exploits: 1 | References: 3 | Affected Software: 1
Tenable Nessus
added 2023/09/07 12:0 a.m. | 16 views

Oracle Linux 7 : file (ELSA-2020-1022)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1022 advisory. 5.11-36 - fix out-of-bounds read via a crafted ELF file CVE-2018-10360 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVSS 6.5 | AI score 6.2 | EPSS 0.00499
Exploits: 0 | References: 2
Circl
added 2023/02/28 4:29 p.m. | 0 views

CVE-2023-1022

creationtimestamp | type | source
---|---|---
2023-02-28 16:29:23+00:00 | seen | https://t.me/cibsecurity/59096...

CVSS 5.4 | AI score 6.2 | EPSS 0.00233
Exploits: 0 | References: 1
CVE
added 2023/02/28 12:56 p.m. | 56 views

CVE-2023-1022

CVE-2023-1022 affects the WP Meta SEO WordPress plugin. Root cause: missing capability check in wpmsGGSaveInformation, with access control relying on nonce checks that are accessible to all authenticated users. Affected versions: up to and including 4.5.3. Impact: authenticated subscribers can up...

CVSS 5.4 | AI score 4.6 | EPSS 0.00233
Exploits: 0 | References: 4 | Affected Software: 1
Circl
added 2022/04/21 6:26 p.m. | 1 views

CVE-2022-1022

creationtimestamp | type | source
---|---|---
2022-04-21 18:26:45+00:00 | seen | https://t.me/cibsecurity/41227...

CVSS 8.1 | AI score 6.6 | EPSS 0.00282
Exploits: 1 | References: 1
CVE
added 2022/04/21 2:25 p.m. | 60 views

CVE-2022-1022

Chatwoot (chatwoot/chatwoot) contains a stored XSS in versions prior to 2.5.0. The vulnerability stems from insufficient input validation/filtering and the use of v-html in the UI, which can cause injected JavaScript to execute in the client. Exploitation details in the Huntr report demonstrate p...

CVSS 8.1 | AI score 5.7 | EPSS 0.00282
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist
added 2022/04/21 2:25 p.m. | 12 views

CVE-2022-1022 Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot

Cross-site Scripting XSS - Stored in GitHub repository chatwoot/chatwoot prior to 2.5.0...

CVSS 8.1 | AI score 5.6 | EPSS 0.00282
Exploits: 1 | References: 2
Tenable Nessus
added 2020/05/11 12:0 a.m. | 42 views

Security Updates for Microsoft Dynamics NAV (Apr 2020)

The Microsoft Dynamics NAV install is missing a security update. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists in Dynamics NAV due to the application not properly hiding the value of a masked field when showing the records as a char...

CVSS 8 | AI score 8.5 | EPSS 0.39214
Exploits: 0 | References: 7
Tenable Nessus
added 2020/05/08 12:0 a.m. | 65 views

Security Updates for Microsoft Dynamics 365 Business Central (Apr 2020)

The Microsoft Dynamics 365 Business Central install is missing a security update. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists in Business Central due to the application not properly hiding the value of a masked field when showin...

CVSS 8 | AI score 8.5 | EPSS 0.39214
Exploits: 0 | References: 5
NVD
added 2020/04/15 3:15 p.m. | 15 views

CVE-2020-1022

A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'...

CVSS 8 | AI score 8.2 | EPSS 0.39214
Exploits: 0 | References: 1