• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-1997
2022-06-14
N/A
5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository francoisjacquet/rosariosis prior to 9.0.
CVE-2022-1996
2023-02-23
N/A
9.1 CRITICAL
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.
CVE-2022-1995
2022-07-06
N/A
4.8 MEDIUM
The Malware Scanner WordPress plugin before 4.5.2 does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfiltered_html is disallowed (for example in multisite setup)
CVE-2022-1994
2022-07-06
N/A
4.8 MEDIUM
The Login With OTP Over SMS, Email, WhatsApp and Google Authenticator WordPress plugin before 1.0.8 does not escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed
CVE-2022-1993
2022-06-15
N/A
8.1 HIGH
Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.
CVE-2022-1992
2022-06-15
N/A
9.1 CRITICAL
Path Traversal in GitHub repository gogs/gogs prior to 0.12.9.
CVE-2022-1991
2022-06-14
N/A
4.8 MEDIUM
A vulnerability classified as problematic has been found in Fast Food Ordering System 1.0. Affected is the file Master.php of the Master List. The manipulation of the argument Description with the input foo "> leads to cross site scripting. It is possible to launch the attack remotely but it requires authentication. Exploit details have been disclosed to the public.
CVE-2022-1990
2022-07-06
N/A
4.8 MEDIUM
The Nested Pages WordPress plugin before 3.1.21 does not escape and sanitize the some of its settings, which could allow high privilege users to perform Stored Cross-Site Scripting attacks when the unfiltered_html is disallowed
CVE-2022-1989
2022-08-26
N/A
5.3 MEDIUM
All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to information exposure allowing a remote, unauthenticated attacker to enumerate valid users.
CVE-2022-1988
2022-06-12
N/A
6.1 MEDIUM
Cross-site Scripting (XSS) - Generic in GitHub repository neorazorx/facturascripts prior to 2022.09.
« Previous 1 … 10,904 10,905 10,906 10,907 10,908 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE