CVEs and Security Vulnerabilities

Search

Switch to Advanced Search (Beta)

Total 291504 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2022-44961	1 Webtareas Project	1 Webtareas	2025-04-24	5.4 Medium
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /forums/editforum.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2022-44960	1 Webtareas Project	1 Webtareas	2025-04-24	5.4 Medium
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /general/search.php?searchtype=simple. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search field.
CVE-2022-44955	1 Webtareas Project	1 Webtareas	2025-04-24	5.4 Medium
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field.
CVE-2022-44954	1 Webtareas Project	1 Webtareas	2025-04-24	5.4 Medium
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /contacts/listcontacts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Last Name field after clicking "Add".
CVE-2022-44953	1 Webtareas Project	1 Webtareas	2025-04-24	5.4 Medium
webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /linkedcontent/listfiles.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field after clicking "Add".
CVE-2022-44952	1 Rukovoditel	1 Rukovoditel	2025-04-24	5.4 Medium
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Copyright Text field after clicking "Add".
CVE-2022-44951	1 Rukovoditel	1 Rukovoditel	2025-04-24	5.4 Medium
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Form tab function at /index.php?module=entities/forms&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name field.
CVE-2022-44367	1 Tenda	2 I21, I21 Firmware	2025-04-24	9.8 Critical
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo.
CVE-2022-44362	1 Tenda	2 I21, I21 Firmware	2025-04-24	9.8 Critical
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/AddSysLogRule.
CVE-2022-44348	1 Sanitization Management System Project	1 Sanitization Management System	2025-04-24	7.2 High
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/orders/update_status.php?id=.
CVE-2022-44347	1 Sanitization Management System Project	1 Sanitization Management System	2025-04-24	7.2 High
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=inquiries/view_inquiry&id=.
CVE-2022-44345	1 Sanitization Management System Project	1 Sanitization Management System	2025-04-24	7.2 High
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=quotes/view_quote&id=.
CVE-2022-44296	1 Sanitization Management System Project	1 Sanitization Management System	2025-04-24	7.2 High
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/quotes/manage_remark.php?id=.
CVE-2022-44295	1 Sanitization Management System Project	1 Sanitization Management System	2025-04-24	7.2 High
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/orders/assign_team.php?id=.
CVE-2022-44294	1 Sanitization Management System Project	1 Sanitization Management System	2025-04-24	7.2 High
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=services/manage_service&id=.
CVE-2022-44151	1 Sanitization Management System Project	1 Sanitization Management System	2025-04-24	9.8 Critical
Simple Inventory Management System v1.0 is vulnerable to SQL Injection via /ims/login.php.
CVE-2022-43325	1 Telosalliance	2 Omnia Mpx Node, Omnia Mpx Node Firmware	2025-04-24	9.8 Critical
An unauthenticated command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* - 1.4.* allows attackers to execute arbitrary commands via a crafted payload injected into the license input.
CVE-2022-42718	1 Ni	1 Labview Command Line Interface	2025-04-24	7.8 High
Incorrect default permissions in the installation folder for NI LabVIEW Command Line Interface (CLI) may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2022-41412	1 Perfsonar	1 Perfsonar	2025-04-24	8.6 High
An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks.
CVE-2022-3709	1 Sophos	2 Xg Firewall, Xg Firewall Firmware	2025-04-24	6.8 Medium
A stored XSS vulnerability allows admin to super-admin privilege escalation in the Webadmin import group wizard of Sophos Firewall releases older than version 19.5 GA.

« first previous Page 28 of 14576. next last »