Rukovoditel Security Vulnerabilities and Issues — Rukovoditel CVE List

Lucene search

RukovoditelRukovoditel

10 matches found

CVE•added 2022/12/05 11:15 p.m.•73 views

CVE-2022-45020

Rukovoditel v3.2.1 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability in the component /rukovoditel/index.php?module=users/login. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.

8.8CVSS7.7AI score0.00134EPSS

CVE•added 2022/12/02 8:15 p.m.•67 views

CVE-2022-44947

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Highlight Row feature at /index.php?module=entities/listing_types&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into th...

5.4CVSS5.3AI score0.01097EPSS

CVE•added 2022/12/02 8:15 p.m.•66 views

CVE-2022-44945

Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the heading_field_id parameter.

9.8CVSS9.7AI score0.0029EPSS

CVE•added 2022/12/02 8:15 p.m.•55 views

CVE-2022-44950

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name...

5.4CVSS5.3AI score0.01727EPSS

CVE•added 2022/12/02 8:15 p.m.•52 views

CVE-2022-44949

5.4CVSS5.3AI score0.01727EPSS

CVE•added 2022/12/02 8:15 p.m.•52 views

CVE-2022-44951

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Form tab function at /index.php?module=entities/forms&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Na...

5.4CVSS5.3AI score0.01727EPSS

CVE•added 2022/12/02 8:15 p.m.•50 views

CVE-2022-44948

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Entities Group feature at/index.php?module=entities/entities_groups. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field ...

5.4CVSS5.3AI score0.01727EPSS

CVE•added 2022/12/02 8:15 p.m.•50 views

CVE-2022-44952

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Copyright Text field after clicking "Ad...

5.4CVSS5.3AI score0.0151EPSS

CVE•added 2022/12/02 8:15 p.m.•46 views

CVE-2022-44944

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Announcement function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the ...

5.4CVSS5.3AI score0.01097EPSS

CVE•added 2022/12/02 8:15 p.m.•46 views

CVE-2022-44946

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Page function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title fi...

5.4CVSS5.3AI score0.01097EPSS