13 matches found
CVE-2026-22540
creationtimestamp| type| source ---|---|--- 2026-01-07 14:33:12+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115854304322324575 2026-01-07 16:04:37+00:00| published-proof-of-concept| Telegram/C5Pt7uloxKJDrqitQkO17NAOQQ9eE92f4ibyk5mNwogme0 2026-01-07 16:04:53+00:00| seen|...
CVE-2020-22540
Stored Cross-Site Scripting XSS vulnerability in Codoforum v4.9, allows attackers to execute arbitrary code and obtain sensitive information via crafted payload to Category name component...
CVE-2025-22540
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in seballero Emailing Subscription email-suscripcion allows Blind SQL Injection.This issue affects Emailing Subscription: from n/a through = 1.4.1...
CVE-2025-22540
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in seballero Emailing Subscription email-suscripcion allows Blind SQL Injection.This issue affects Emailing Subscription: from n/a through = 1.4.1...
CVE-2025-22540 WordPress Emailing Subscription Plugin <= 1.4.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in seballero Emailing Subscription email-suscripcion allows Blind SQL Injection.This issue affects Emailing Subscription: from n/a through = 1.4.1...
CVE-2025-22540 WordPress Emailing Subscription Plugin <= 1.4.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Sebastian Orellana Emailing Subscription allows Blind SQL Injection.This issue affects Emailing Subscription: from n/a through 1.4.1...
CVE-2020-22540
Stored Cross-Site Scripting XSS vulnerability in Codoforum v4.9, allows attackers to execute arbitrary code and obtain sensitive information via crafted payload to Category name component...
CVE-2020-22540
CVE-2020-22540 (Codoforum v4.9) is a stored XSS vulnerability in the Category name component. The NVD description, Red Hat advisory, and other connected sources consistently state that an attacker can execute arbitrary code and obtain sensitive information via a crafted payload. The CVSSv3.1 base...
SAP NetWeaver AS ABAP Multiple Vulnerabilities (Feb 2022)
Multiple vulnerabilities may be present in SAP NetWeaver Application Server ABAP, including the following: - SAP Netweaver AS - versions 700, 701, 702, 710, 711, 730, 740, 750, 751, 752, 753, 754, 755, 756 - contain a cross-site scripting vulnerability that allows an unauthenticated attacker to...
CVE-2022-22540
CVE-2022-22540 affects SAP NetWeaver AS ABAP (Workplace Server) across multiple versions (700, 701, 702, 731, 740, 750–756, 787). The connected sources describe a SQL injection vulnerability that enables an attacker to execute crafted database queries and potentially disclose a table of contents ...
CVE-2021-22540
Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags...
CVE-2021-22540
The CVE-2021-22540 issue affects the Dart SDK prior to 2.12.3. Root cause: bad validation logic in dart:html when creating DOM nodes from text, which did not sanitize template tags. Impact: enables cross-site scripting via DOM clobbering. Affected component: Dart SDK (web/dom handling). Remediati...
CVE-2021-22540 XSS in Dart SDK
Bad validation logic in the Dart SDK versions prior to 2.12.3 allow an attacker to use an XSS attack via DOM clobbering. The validation logic in dart:html for creating DOM nodes from text did not sanitize properly when it came across template tags...