• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-35226

February 23, 2023 by godfreyd94

SAP Data Services Management allows an attacker to copy the data from a request and echoed into the application’s immediate response, it will lead to a Cross-Site Scripting vulnerability. The attacker would have to log in to the management console to perform such as an attack, only few of the pages are vulnerable in the DS management console.

CVE-2022-35227

February 23, 2023 by godfreyd94

A vulnerability in SAP NW EP (WPC) – versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote attacker to conduct a Cross-Site (XSS) scripting attack. A successful exploit could allow the attacker to execute arbitrary script code which could lead to stealing or modifying of authentication information of the user, such as data relating to his or her current session.

CVE-2022-35229

February 23, 2023 by godfreyd94

An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict.

CVE-2022-35230

February 23, 2023 by godfreyd94

An authenticated user can create a link with reflected Javascript code inside it for the graphs page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict.

CVE-2022-35117

February 23, 2023 by godfreyd94

Clinic’s Patient Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via update_medicine_details.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Packing text box under the Update Medical Details module.

CVE-2022-35118

February 23, 2023 by godfreyd94

PyroCMS v3.9 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 1892
  • Go to page 1893
  • Go to page 1894
  • Go to page 1895
  • Go to page 1896
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE