• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-25464

February 23, 2023 by godfreyd94

A stored cross-site scripting (XSS) vulnerability in the component /admin/contenttemp of DoraCMS v2.1.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

CVE-2022-25489

February 23, 2023 by godfreyd94

Atom CMS v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the “A” parameter in /widgets/debug.php.

CVE-2022-25493

February 23, 2023 by godfreyd94

HMS v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via treatmentrecord.php.

CVE-2022-25507

February 23, 2023 by godfreyd94

FreeTAKServer-UI v1.9.8 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Callsign parameter.

CVE-2022-25344

February 23, 2023 by godfreyd94

An XSS issue was discovered on Olivetti d-COLOR MF3555 2XD_S000.002.271 devices. The Web Application doesn’t properly check parameters, sent in a /dvcset/sysset/set.cgi POST request via the arg01.Hostname field, before saving them on the server. In addition, the JavaScript malicious content is then reflected back to the end user and executed by the web browser.

CVE-2022-25349

February 23, 2023 by godfreyd94

All versions of package materialize-css are vulnerable to Cross-site Scripting (XSS) due to improper escape of user input (such as <not-a-tag />) that is being parsed as HTML/JavaScript, and inserted into the Document Object Model (DOM). This vulnerability can be exploited when the user-input is provided to the autocomplete component.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2021
  • Go to page 2022
  • Go to page 2023
  • Go to page 2024
  • Go to page 2025
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE