• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2022-2537

February 23, 2023 by godfreyd94

The WooCommerce PDF Invoices & Packing Slips WordPress plugin before 3.0.1 does not sanitise and escape some parameters before outputting them back in an attributes of an admin page, leading to Reflected Cross-Site Scripting.

CVE-2022-25370

February 23, 2023 by godfreyd94

Apache OFBiz uses the Birt plugin (https://eclipse.github.io/birt-website/) to create data visualizations and reports. In Apache OFBiz release 18.12.05, and earlier versions, by leveraging a vulnerability in Birt (https://bugs.eclipse.org/bugs/show_bug.cgi?id=538142), an unauthenticated malicious user could perform a stored XSS attack in order to inject a malicious payload and execute it using the stored XSS.

CVE-2022-25373

February 23, 2023 by godfreyd94

Zoho ManageEngine SupportCenter Plus before 11020 allows Stored XSS in the request history.

CVE-2022-2538

February 23, 2023 by godfreyd94

The WP Hide & Security Enhancer WordPress plugin before 1.8 does not escape a parameter before outputting it back in an attribute of a backend page, leading to a Reflected Cross-Site Scripting

CVE-2022-25395

February 23, 2023 by godfreyd94

Cosmetics and Beauty Product Online Store v1.0 was discovered to contain multiple reflected cross-site scripting (XSS) attacks via the search parameter under the /cbpos/ app.

CVE-2022-25407

February 23, 2023 by godfreyd94

Hospital Management System v1.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Doctor parameter at /admin-panel1.php.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 2022
  • Go to page 2023
  • Go to page 2024
  • Go to page 2025
  • Go to page 2026
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE