• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-41706

February 23, 2023 by godfreyd94

Browsershot version 3.57.2 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the URL protocol passed to the Browsershot::url method.

CVE-2022-41611

February 23, 2023 by godfreyd94

Cross-site Scripting (XSS) vulnerability in BlueSpiceDiscovery skin of BlueSpice allows user with admin privileges to inject arbitrary HTML into the main navigation of the application.

CVE-2022-41615

February 23, 2023 by godfreyd94

Cross-Site Scripting (XSS) via Cross-Site Request Forgery (CSRF) vulnerability in Store Locator plugin <= 1.4.5 on WordPress.

CVE-2022-41638

February 23, 2023 by godfreyd94

Auth. Stored Cross-Site Scripting (XSS) in Pop-Up Chop Chop plugin <= 2.1.7 on WordPress.

CVE-2022-41643

February 23, 2023 by godfreyd94

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Accessibility plugin <= 1.0.3 on WordPress.

CVE-2022-41651

February 23, 2023 by godfreyd94

The affected product DIAEnergie (versions prior to v1.9.01.002) is vulnerable to a stored cross-site scripting vulnerability through the SetPF API.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 1802
  • Go to page 1803
  • Go to page 1804
  • Go to page 1805
  • Go to page 1806
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE