CVE-2026-1022

Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files...

CVE-2025-1022

Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...

CVE-2025-13698

creationtimestamp| type| source ---|---|--- 2025-11-25 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-1022/...

CVE-2020-1022

A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'...

CVE-2025-1022

Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...

CVE-2025-1022

creationtimestamp| type| source ---|---|--- 2025-02-05 05:08:11+00:00| seen| https://infosec.exchange/users/cve/statuses/113949546296359039 2025-02-05 05:15:33+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhfsvjh7k62t 2025-02-05 06:48:35+00:00| seen|...

CVE-2025-1022

Versions of spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html(). An attacker can bypass validation by omitting slashes in the file URI (for example, file:../../../../etc/passwd), due to missing input filtering that sh...

CVE-2025-1022

Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...

CVE-2025-1022

Versions of the package spatie/browsershot before 5.0.5 are vulnerable to Improper Input Validation in the setHtml function, invoked by Browsershot::html, which can be bypassed by omitting the slashes in the file URI e.g., file:../../../../etc/passwd. This is due to missing validations of the use...

CVE-2024-1022

creationtimestamp| type| source ---|---|--- 2024-01-30 00:21:29+00:00| seen| https://t.me/ctinow/175620 2024-02-21 14:06:54+00:00| seen| https://t.me/ctinow/189594...

CVE-2024-1022

CVE-2024-1022 affects CodeAstro Simple Student Result Management System v5.6, with a vulnerability in the /add_classes.php page where manipulating the parameter Class Name enables cross-site scripting (XSS) . The issue is exploitable remotely and the exploit has been disclosed publicly. Multiple ...

Oracle Linux 7 : file (ELSA-2020-1022)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1022 advisory. 5.11-36 - fix out-of-bounds read via a crafted ELF file CVE-2018-10360 Tenable has extracted the preceding description block directly from the Oracle Linux...

CVE-2023-1022

creationtimestamp| type| source ---|---|--- 2023-02-28 16:29:23+00:00| seen| https://t.me/cibsecurity/59096...

CVE-2023-1022

CVE-2023-1022 affects the WP Meta SEO WordPress plugin. Root cause: missing capability check in wpmsGGSaveInformation, with access control relying on nonce checks that are accessible to all authenticated users. Affected versions: up to and including 4.5.3. Impact: authenticated subscribers can up...

CVE-2022-1022

creationtimestamp| type| source ---|---|--- 2022-04-21 18:26:45+00:00| seen| https://t.me/cibsecurity/41227...

CVE-2022-1022 Cross-site Scripting (XSS) - Stored in chatwoot/chatwoot

Cross-site Scripting XSS - Stored in GitHub repository chatwoot/chatwoot prior to 2.5.0...

CVE-2022-1022

Chatwoot (chatwoot/chatwoot) contains a stored XSS in versions prior to 2.5.0. The vulnerability stems from insufficient input validation/filtering and the use of v-html in the UI, which can cause injected JavaScript to execute in the client. Exploitation details in the Huntr report demonstrate p...

Security Updates for Microsoft Dynamics NAV (Apr 2020)

The Microsoft Dynamics NAV install is missing a security update. It is, therefore, affected by the following vulnerabilities : - An information disclosure vulnerability exists in Dynamics NAV due to the application not properly hiding the value of a masked field when showing the records as a char...

Security Updates for Microsoft Dynamics 365 Business Central (Apr 2020)

The Microsoft Dynamics 365 Business Central install is missing a security update. It is, therefore, affected by a the following vulnerabilities : - An information disclosure vulnerability exists in Business Central due to the application not properly hiding the value of a masked field when showin...

CVE-2020-1022

A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'...