CVE-2026-1422

creationtimestamp| type| source ---|---|--- 2026-01-26 09:53:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdcxxht5oj2i...

CVE-2026-1422

A vulnerability was found in code-projects Online Examination System 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login Page. Performing a manipulation of the argument User results in sql injection. The attack is possible to be carried ou...

CVE-2026-1422

CVE-2026-1422 affects code-projects Online Examination System 1.0. The vulnerability lies in the Login Page’s /index.php where manipulating the User parameter can trigger a remote SQL injection. Public exploit presence indicates active risk; the impact is described as high for confidentiality, in...

CVE-2013-1422

webcalendar before 1.2.7 shows the reason for a failed login e.g., "no such user"...

CVE-2019-1422

An elevation of privilege vulnerability exists in the way that the iphlpsvc.dll handles file creation allowing for a file overwrite, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1420, CVE-2019-1423...

CVE-2024-1422 Elementor Addon Elements <= 1.12.12 - Authenticated(Contributor+) Stored Cross-Site Scripting via Modal Popup effet

The Elementor Addon Elements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the modal popup widget's effect setting in all versions up to, and including, 1.12.12 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible f...

WordPress Elementor Addon Elements Plugin <= 1.12.12 is vulnerable to Cross Site Scripting (XSS)

Software Elementor Addon Elements Type Plugin Vulnerable versions = 1.12.12 Fixed in 1.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1422 Patch priority Low CVSS severity Low 6.5 Developer WPVibes PSID 6fd48d0d495c Credits Webbernaut Required...

CVE-2022-1422

creationtimestamp| type| source ---|---|--- 2022-06-08 14:46:05+00:00| seen| https://t.me/cibsecurity/44013...

CVE-2022-1422

CVE-2022-1422 concerns the WordPress theme Discy (versions before 5.2). The exposed issue is a CSRF in the AJAX endpoint discy_reset_options , which attackers can abuse to trick an admin into restoring site settings to defaults. Connected sources (Red Hat, CNVD, CVE lists, PatchStack/WP vuln DB) ...

CVE-2022-1422 Discy < 5.2 - Restore Default Settings via CSRF

The Discy WordPress theme before 5.2 does not check for CSRF tokens in the AJAX action discyresetoptions, allowing an attacker to trick an admin into resetting the site settings back to defaults...

CVE-2021-1422

creationtimestamp| type| source ---|---|--- 2021-07-16 16:28:06+00:00| seen| https://t.me/cibsecurity/26214...

CVE-2021-1422

A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the...

CVE-2021-1422

CVE-2021-1422 affects Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0. The issue is a logic error in the software cryptography module that handles certain decryption errors over an established IPsec connection, causing an abnormal device reload and a DoS. The vulnerability’...

Security Bulletin: Cross-site scripting vulnerabilities affect multiple IBM Rational products based on IBM Jazz technology

Summary Cross-site scripting vulnerabilities affect multiple products: Collaborative Lifecycle Management CLM, Rational DOORS Next Generation RDNG, Rational Engineering Lifecycle Manager RELM, Rational Team Concert RTC, Rational Quality Manager RQM, Rational Rhapsody Design Manager Rhapsody DM an...

SUSE: Security Advisory (SUSE-SU-2014:1422-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:1422-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux AMI : ruby24 (ALAS-2020-1422)

The version of ruby24 installed on the remote host is prior to 2.4.10-2.12. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1422 advisory. Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using...

CVE-2014-1422

creationtimestamp| type| source ---|---|--- 2020-07-22 22:55:08+00:00| seen| https://t.me/cibsecurity/13600...

CVE-2014-1422

The CVE-2014-1422 issue affects Ubuntu’s trust-store component. It causes location permissions revocation to be ineffective because the cache of permissions is honored based on an incorrect ordering and not by creation time, due to the Select struct in src/core/trust/impl/sqlite3/store.cpp. Pract...

CVE-2020-1422

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1249, CVE-2020-1353, CVE-2020-1370, CVE-2020-1399, CVE-2020-1404, CVE-2020-1413,...