737 matches found
CVE-2015-10032 HealthMateWeb createaccount.php cross site scripting
A vulnerability was found in HealthMateWeb. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file createaccount.php. The manipulation of the argument username/password/firstname/lastname/company/phone leads to cross site scripting. The attack...
PT-2023-9997 · Unknown · Sheilazpy Eshop
Name of the Vulnerable Software and Affected Versions: sheilazpy eShop affected versions not specified Description: A critical issue has been found, leading to sql injection through the manipulation of an unknown function. The estimated number of potentially affected devices worldwide is not...
CVE-2022-46177
Discourse vulnerability CVE-2022-46177 affects Discourse versions prior to 2.8.14 (stable) and prior to 3.0.0.beta15 (beta/tests-passed). If a user requests a password-reset link and then changes the primary email, the old reset email can remain valid; using it to reset the password re-links the ...
CVE-2015-10015 glidernet ogn-live sql injection
A vulnerability, which was classified as critical, has been found in glidernet ogn-live. This issue affects some unknown processing. The manipulation leads to sql injection. The patch is named bc0f19965f760587645583b7624d66a260946e01. It is recommended to apply a patch to fix this issue. The...
PT-2023-10115 · Meol1 · Meol1
Name of the Vulnerable Software and Affected Versions: meol1 affected versions not specified Description: A critical issue has been found in meol1, affecting the GetAnimal function of the file opdracht4/index.php. The manipulation of the where argument leads to SQL injection. Recommendations: App...
CVE-2015-10008 82Flex WEIPDCRM sql injection
UNSUPPORTED WHEN ASSIGNED A vulnerability was found in 82Flex WEIPDCRM. It has been classified as critical. This affects an unknown part. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The identifier of the patch is 43bad79392332fa39e31b95268e76fbda9fec3a...
PT-2023-10189 · Opendns · Opendns Openresolve
Name of the Vulnerable Software and Affected Versions: OpenDNS OpenResolve affected versions not specified Description: A problem was found in OpenDNS OpenResolve, related to the function get of the file resolverapi/endpoints.py of the component API. This issue leads to cross site scripting. The...
PT-2023-7517 · Atlassian · Confluence
Name of the Vulnerable Software and Affected Versions: Atlassian Confluence Server versions 4.x.x through 8.5.3 Atlassian Confluence Data Center versions 4.x.x through 8.6.1 Description: This issue allows an authenticated attacker, including one with anonymous access, to inject unsafe user input...
CVE-2022-4817 centic9 jgit-cookbook temp file
A vulnerability was found in centic9 jgit-cookbook. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to insecure temporary file. The attack can be initiated remotely. The name of the patch is b8cb29b43dc704708d598c60ac1881db7cf8e9c3. It is...
PT-2022-28118 · Hotcrp · Hotcrp
Name of the Vulnerable Software and Affected Versions: HotCRP affected versions not specified Description: A vulnerability was found in HotCRP, rated as problematic. It affects some unknown functionality and leads to cross-site scripting. The attack can be launched remotely. Recommendations: To f...
CVE-2021-4270 Imprint CMS ViewHelpers.cs SearchForm cross site scripting
A vulnerability was found in Imprint CMS. It has been classified as problematic. Affected is the function SearchForm of the file ImprintCMS/Models/ViewHelpers.cs. The manipulation of the argument query leads to cross site scripting. It is possible to launch the attack remotely. The name of the...
CVE-2022-4638 collective.contact.widget widgets.py title cross site scripting
A vulnerability classified as problematic was found in collective.contact.widget up to 1.12. This vulnerability affects the function title of the file src/collective/contact/widget/widgets.py. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the...
CVE-2022-4594 drogatkin TJWS2 WarRoller.java deployWar path traversal
A vulnerability was found in drogatkin TJWS2. It has been declared as critical. Affected by this vulnerability is the function deployWar of the file 1.x/src/rogatkin/web/WarRoller.java. The manipulation leads to path traversal. The attack can be launched remotely. The name of the patch is...
PT-2022-27580 · Freedom Of The Press · Securedrop
Name of the Vulnerable Software and Affected Versions: Freedom of the Press SecureDrop affected versions not specified Description: A critical issue was found in Freedom of the Press SecureDrop, affecting some unknown functionality of the file gpg-agent.conf. The manipulation of this issue leads ...
CVE-2022-4561 SemanticDrilldown Extension GET Parameter SDBrowseDataPage.php printFilterLine cross site scripting
A vulnerability classified as problematic has been found in SemanticDrilldown Extension. Affected is the function printFilterLine of the file includes/specials/SDBrowseDataPage.php of the component GET Parameter Handler. The manipulation of the argument value leads to cross site scripting. It is...
PT-2022-14749 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a missing permission check in the registerBroadcastReceiver method of RcsService.java. This could allow for a local escalation of privilege without requiring additional executio...
PT-2022-28015 · Vmware · Vsphere
Name of the Vulnerable Software and Affected Versions: vSphere selfuse version 2a9fe074a64f6a0dd8ac02f21e2f10d66cac5749 Description: The issue allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges via a code execution backdoor in the reque...
CVE-2022-4494 bspkrs MCPMappingViewer ZIP File RemoteZipHandler.java extractZip path traversal
A vulnerability, which was classified as critical, has been found in bspkrs MCPMappingViewer. Affected by this issue is the function extractZip of the file src/main/java/bspkrs/mmv/RemoteZipHandler.java of the component ZIP File Handler. The manipulation leads to path traversal. The attack may be...
PT-2022-27234
Name of the Vulnerable Software and Affected Versions: sproctor php-calendar affected versions not specified Description: A problematic vulnerability was found in sproctor php-calendar, affecting an unknown part of the file index.php. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cro...
PT-2022-27057 · Unknown +1 · Ticklishhoneybee Nodau +1
Name of the Vulnerable Software and Affected Versions: TicklishHoneyBee nodau affected versions not specified Description: A critical issue was found in TicklishHoneyBee nodau, affecting some unknown functionality of the file src/db.c. The manipulation of the value/name argument leads to sql...