6574 matches found
CVE-2022-1509
Command Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An authenticated remote attacker with low privileges can execute arbitrary code under root context...
CVE-2022-1770
Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2...
CVE-2022-1176
Loose comparison causes IDOR on multiple endpoints in GitHub repository livehelperchat/livehelperchat prior to 3.96...
CVE-2022-1752
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2...
CVE-2022-1909
Cross-site Scripting (XSS) - Stored in GitHub repository causefx/organizr prior to 2.1.2200...
CVE-2022-1774
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository jgraph/drawio prior to 18.0.7...
CVE-2022-1181
Stored Cross Site Scripting in GitHub repository openemr/openemr prior to 6.0.0.2...
CVE-2022-1721
Path Traversal in WellKnownServlet in GitHub repository jgraph/drawio prior to 18.0.5. Read local files of the web application...
CVE-2022-1316
Incorrect Permission Assignment for Critical Resource in GitHub repository zerotier/zerotierone prior to 1.8.8. Local Privilege Escalation...
CVE-2022-1235
Weak secrethash can be brute-forced in GitHub repository livehelperchat/livehelperchat prior to 3.96...
CVE-2022-1340
Cross-site Scripting (XSS) - Stored in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0...
CVE-2022-1698
Allowing long passwords leads to denial of service in GitHub repository causefx/organizr prior to 2.1.2000. This vulnerability can be abused by doing a DDoS attack for which genuine users will not be able to access resources/applications...
CVE-2022-1034
There is an Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4...
CVE-2022-1681
Authentication Bypass Using an Alternate Path or Channel in GitHub repository requarks/wiki prior to 2.5.281. User can get root user permissions...
CVE-2022-1429
SQL injection in GridHelperService.php in GitHub repository pimcore/pimcore prior to 10.3.6. This vulnerability is capable of stealing the data...
CVE-2022-1775
Weak Password Requirements in GitHub repository polonel/trudesk prior to 1.2.2...
CVE-2022-1021
Insecure Storage of Sensitive Information in GitHub repository chatwoot/chatwoot prior to 2.6.0...
CVE-2022-1883
SQL Injection in GitHub repository camptocamp/terraboard prior to 2.2.0...
CVE-2022-1173
Stored XSS in GitHub repository getgrav/grav prior to 1.7.33...
CVE-2022-1290
Stored XSS in "Name", "Group Name" & "Title" in GitHub repository polonel/trudesk prior to v1.2.0. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse...