Total
44400 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-32195 | 1 Edx | 1 Open Edx | 2024-11-21 | 6.1 Medium |
| Open edX platform before 2022-06-06 allows XSS via the "next" parameter in the logout URL. | ||||
| CVE-2022-32173 | 1 Orchardcore | 1 Orchardcore | 2024-11-21 | 5.4 Medium |
| In OrchardCore rc1-11259 to v1.2.2 vulnerable to HTML injection, allow an authenticated user with an editor security role to inject a persistent HTML modal dialog component into the dashboard that will affect admin users. | ||||
| CVE-2022-32172 | 1 Zinclabs | 1 Zinc | 2024-11-21 | N/A |
| In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete template functionality. When an authenticated user deletes a template with a XSS payload in the name field, the Javascript payload will be executed and allow an attacker to access the user’s credentials. | ||||
| CVE-2022-32171 | 1 Zinclabs | 1 Zinc | 2024-11-21 | N/A |
| In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete user functionality. When an authenticated user deletes a user having a XSS payload in the user id field, the javascript payload will be executed and allow an attacker to access the user’s credentials. | ||||
| CVE-2022-32159 | 1 Infogami | 1 Infogami | 2024-11-21 | N/A |
| In openlibrary versions deploy-2016-07-0 through deploy-2021-12-22 are vulnerable to Stored XSS. | ||||
| CVE-2022-32145 | 1 Siemens | 1 Teamcenter Active Workspace | 2024-11-21 | 6.1 Medium |
| A vulnerability has been identified in Teamcenter Active Workspace V5.2 (All versions < V5.2.9), Teamcenter Active Workspace V6.0 (All versions < V6.0.3). A reflected cross-site scripting (XSS) vulnerability exists in the web interface of the affected application that could allow an attacker to execute malicious code by tricking users into accessing a malicious link. | ||||
| CVE-2022-32131 | 1 74cms | 1 74cmsse | 2024-11-21 | 6.1 Medium |
| 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /index/notice/show. | ||||
| CVE-2022-32130 | 1 74cms | 1 74cmsse | 2024-11-21 | 6.1 Medium |
| 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/down_resume/total/nature. | ||||
| CVE-2022-32129 | 1 74cms | 1 74cmsse | 2024-11-21 | 6.1 Medium |
| 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/account/safety/trade. | ||||
| CVE-2022-32128 | 1 74cms | 1 74cmsse | 2024-11-21 | 6.1 Medium |
| 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/service/increment/add/im. | ||||
| CVE-2022-32127 | 1 74cms | 1 74cmsse | 2024-11-21 | 6.1 Medium |
| 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/view_be_browsed/total. | ||||
| CVE-2022-32126 | 1 74cms | 1 74cmsse | 2024-11-21 | 6.1 Medium |
| 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company. | ||||
| CVE-2022-32125 | 1 74cms | 1 74cmsse | 2024-11-21 | 6.1 Medium |
| 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /job. | ||||
| CVE-2022-32124 | 1 74cms | 1 74cmsse | 2024-11-21 | 6.1 Medium |
| 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /index/jobfairol/show/. | ||||
| CVE-2022-32118 | 1 Arox | 1 School Erp Pro | 2024-11-21 | 6.1 Medium |
| Arox School ERP Pro v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the dispatchcategory parameter in backoffice.inc.php. | ||||
| CVE-2022-32115 | 1 Withknown | 1 Known | 2024-11-21 | 6.1 Medium |
| An issue in the isSVG() function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file. | ||||
| CVE-2022-32074 | 1 Osticket | 1 Osticket | 2024-11-21 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in the component audit/class.audit.php of osTicket-plugins - Storage-FS before commit a7842d494889fd5533d13deb3c6a7789768795ae allows attackers to execute arbitrary web scripts or HTML via a crafted SVG file. | ||||
| CVE-2022-32065 | 1 Ruoyi | 1 Ruoyi | 2024-11-21 | 5.4 Medium |
| An arbitrary file upload vulnerability in the background management module of RuoYi v4.7.3 and below allows attackers to execute arbitrary code via a crafted HTML file. | ||||
| CVE-2022-32061 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 4.8 Medium |
| An arbitrary file upload vulnerability in the Select User function under the People Menu component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file. | ||||
| CVE-2022-32060 | 1 Snipeitapp | 1 Snipe-it | 2024-11-21 | 4.8 Medium |
| An arbitrary file upload vulnerability in the Update Branding Settings component of Snipe-IT v6.0.2 allows attackers to execute arbitrary code via a crafted file. | ||||