| CVE ID | Description | CVSS 3.0 | CVE MITRE | NVD |
|---|---|---|---|---|
| CVE-2024-34061 | changedetection.io Cross-site Scripting vulnerability version <=v0.45.21 | 4.3 | https://github.com/advisories/GHSA-pwgc-w4x9-gw67 | |
| CVE-2021-46253 | XSS v.0.12.7 store in archor cms | 5.4 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46253 | https://nvd.nist.gov/vuln/detail/CVE-2021-46253 |
| CVE-2021-46458 | Victor CMS v1.0 was discovered to contain a SQL injection vulnerability in the component admin/posts.php?source=add_post. This vulnerability can be exploited through a crafted POST request via the post_title parameter. | 7.5 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46458 | https://nvd.nist.gov/vuln/detail/CVE-2021-46458 |
| CVE-2021-46459 | Victor CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component admin/users.php?source=add_user. These vulnerabilities can be exploited through a crafted POST request via the user_name, user_firstname,user_lastname, or user_email parameters. | 7.5 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46459 | https://nvd.nist.gov/vuln/detail/CVE-2021-46459 |
| CVE-2021-46253 | Hospital Management System v4.0 was discovered to contain a blind SQL injection vulnerability via the register function in func2.php. | 7.5 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24226 | https://nvd.nist.gov/vuln/detail/CVE-2022-24226 |
| CVE-2022-24227 | A cross-site scripting (XSS) vulnerability in BoltWire v7.10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the name and lastname parameters. | 6.1 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24227 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24227 |
| CVE-2022-24585 | A stored cross-site scripting (XSS) vulnerability in the component /core/admin/comment.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the author parameter. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-24585 | https://nvd.nist.gov/vuln/detail/CVE-2022-24585 |
| CVE-2022-24586 | A stored cross-site scripting (XSS) vulnerability in the component /core/admin/categories.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content and thumbnail parameters. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-24586 | https://nvd.nist.gov/vuln/detail/CVE-2022-24586 |
| CVE-2022-24587 | A stored cross-site scripting (XSS) vulnerability in the component core/admin/medias.php of PluXml v5.8.7 allows attackers to execute arbitrary web scripts or HTML. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-24587 | https://nvd.nist.gov/vuln/detail/CVE-2022-24587 |
| CVE-2022-24588 | Flatpress v1.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability in the Upload SVG File function. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-24588 | https://nvd.nist.gov/vuln/detail/CVE-2022-24588 |
| CVE-2022-24589 | Burden v3.0 was discovered to contain a stored cross-site scripting (XSS) in the Add Category function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the task parameter. | 6.1 | https://nvd.nist.gov/vuln/detail/CVE-2022-24589 | https://nvd.nist.gov/vuln/detail/CVE-2022-24589 |
| CVE-2022-24590 | A stored cross-site scripting (XSS) vulnerability in the Add Link function of BackdropCMS v1.21.1 allows attackers to execute arbitrary web scripts or HTML. | 5.4 | https://nvd.nist.gov/vuln/detail/CVE-2022-24590 | https://nvd.nist.gov/vuln/detail/CVE-2022-24590 |
-
Notifications
You must be signed in to change notification settings - Fork 3
Nguyen-Trung-Kien/CVE
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
CVE Update
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published