CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-28479

SeedDMS versions 6.0.18 and 5.1.25 and below are vulnerable to stored XSS. An attacker with admin privileges can inject the payload inside the Role management menu and then trigger the payload by load ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：23 | 回复：0
CVE-2022-29296

A reflected cross-site scripting (XSS) vulnerability in the login portal of Avantune Genialcloud ProJ - 10 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：20 | 回复：0
CVE-2022-30927

A SQL injection vulnerability exists in Simple Task Scheduling System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vul ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：28 | 回复：0
CVE-2022-31494

LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php action XSS.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：29 | 回复：0
CVE-2022-1991

A vulnerability classified as problematic has been found in Fast Food Ordering System 1.0. Affected is the file Master.php of the Master List. The manipulation of the argument Description with the inp ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：32 | 回复：0
CVE-2021-37589

Virtua Cobranca before 12R allows SQL Injection on the login page.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：31 | 回复：0
CVE-2022-25361

WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to delete arbitrary files from a limited set of directories on the system. This vulnerability impacts Fireware OS before ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：26 | 回复：0
CVE-2022-29564

Jamf Private Access before 2022-05-16 has Incorrect Access Control, in which an unauthorized user can reach a system in the internal infrastructure, aka WND-44801.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：32 | 回复：0
CVE-2022-31025

Discourse is an open source platform for community discussion. Prior to version 2.8.4 on the `stable` branch and 2.9.0beta5 on the `beta` and `tests-passed` branches, inviting users on sites that use ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：34 | 回复：0
CVE-2022-31495

LibreHealth EHR Base 2.0.0 allows gacl/admin/acl_admin.php return_page XSS.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：39 | 回复：0
CVE-2022-31028

MinIO is a multi-cloud object storage solution. Starting with version RELEASE.2019-09-25T18-25-51Z and ending with version RELEASE.2022-06-02T02-11-04Z, MinIO is vulnerable to an unending go-routine b ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：40 | 回复：0
CVE-2022-31279

Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution (RCE) via an unserialized pop chain in __destruct in Illuminate\Broadcasting\PendingBroadcast. ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：21 | 回复：0
CVE-2019-9971

PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an attacker to gain root privileges by using sudo with the tcpdump command, without a password. This occurs beca ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：27 | 回复：0
CVE-2019-9972

PhoneSystem Terminal in 3CX Phone System (Debian based installation) 16.0.0.1570 allows an authenticated attacker to run arbitrary commands with the phonesystem user privileges because of spacespace f ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：24 | 回复：0
CVE-2020-36523

A vulnerability was found in PlantUML 6.43. It has been declared as problematic. Affected by this vulnerability is the component Database Information Macro. The manipulation leads to cross site script ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：31 | 回复：0
CVE-2020-36524

A vulnerability was found in Refined Toolkit. It has been rated as problematic. Affected by this issue is some unknown functionality of the component UI-Image/UI-Button. The manipulation leads to cros ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：28 | 回复：0
CVE-2020-36525

A vulnerability classified as problematic has been found in Linking. This affects an unknown part of the component New Windows Macro. The manipulation leads to cross site scripting. It is possible to ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：30 | 回复：0
CVE-2020-36526

A vulnerability classified as problematic was found in Countdown Timer. This vulnerability affects unknown code of the component Macro Handler. The manipulation leads to cross site scripting. The atta ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：35 | 回复：0
CVE-2020-36527

A vulnerability, which was classified as problematic, has been found in Server Status. This issue affects some unknown processing of the component HTTP Status/SMTP Status. The manipulation leads to cr ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：53 | 回复：0
CVE-2020-36528

A vulnerability, which was classified as critical, was found in Platinum Mobile 1.0.4.850. Affected is /MobileHandler.ashx which leads to broken access control. The attack requires authentication. Upg ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：71 | 回复：0
CVE-2020-36529

A vulnerability classified as critical has been found in SevOne Network Management System up to 5.7.2.22. This affects the file traceroute.php of the Traceroute Handler. The manipulation leads to priv ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：60 | 回复：0
CVE-2020-36530

A vulnerability classified as critical was found in SevOne Network Management System up to 5.7.2.22. This vulnerability affects the Alert Summary. The manipulation leads to sql injection. The attack c ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：53 | 回复：0
CVE-2020-36531

A vulnerability, which was classified as critical, has been found in SevOne Network Management System up to 5.7.2.22. This issue affects the Device Manager Page. An injection leads to privilege escala ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：69 | 回复：0
CVE-2020-36532

A vulnerability has been found in Klapp App and classified as problematic. This vulnerability affects unknown code of the component Authorization. The manipulation leads to information disclosure (Cre ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：82 | 回复：0
CVE-2020-36533

A vulnerability was found in Klapp App and classified as problematic. This issue affects some unknown processing of the JSON Web Token Handler. The manipulation leads to weak authentication. The attac ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：87 | 回复：0
CVE-2020-36534

A vulnerability was found in easyii CMS. It has been classified as problematic. Affected is an unknown function of the file /admin/sign/out. The manipulation leads to cross site request forgery. It is ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：161 | 回复：0
CVE-2020-36535

A vulnerability classified as critical has been found in MINMAX. This affects an unknown part of the file /newsDia.php. The manipulation of the argument id leads to sql injection. It is possible to in ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：255 | 回复：0
CVE-2020-36536

A vulnerability was found in Brandbugle. It has been rated as critical. Affected by this issue is some unknown functionality of the file /main.php. The manipulation leads to sql injection. The attack ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：1062 | 回复：0
CVE-2020-36537

A vulnerability was found in Everywhere CMS. It has been classified as critical. Affected is an unknown function. The manipulation of the argument id leads to sql injection. It is possible to launch t ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：142 | 回复：0
CVE-2020-36538

A vulnerability was found in Eatan CMS. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The attack can be launche ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：116 | 回复：0
CVE-2020-36539

A vulnerability was found in Lógico y Creativo 1.0 and classified as critical. This issue affects some unknown processing. The manipulation of the argument id leads to sql injection. The attack may b ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：139 | 回复：0
CVE-2020-36540

A vulnerability, which was classified as critical, was found in Neetai Tech. Affected is an unknown function of the file /product.php. The manipulation leads to sql injection. It is possible to launch ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：94 | 回复：0
CVE-2020-36541

A vulnerability was found in Demokratian. It has been rated as critical. Affected by this issue is some unknown functionality of the file basicos_php/genera_select.php. The manipulation of the argumen ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：82 | 回复：0
CVE-2020-36542

A vulnerability classified as critical has been found in Demokratian. This affects an unknown part of the file install/install3.php. The manipulation leads to privilege escalation. It is possible to i ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：58 | 回复：0
CVE-2022-1708

A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output ...……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：70 | 回复：0
CVE-2022-28794

Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：58 | 回复：0
CVE-2022-30709

Improper input validation check logic vulnerability in SECRIL prior to SMR Jun-2022 Release 1 allows attackers to trigger crash.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：57 | 回复：0
CVE-2022-30710

Improper validation vulnerability in RemoteViews prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：47 | 回复：0
CVE-2022-30711

Improper validation vulnerability in FeedsInfo prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：51 | 回复：0
CVE-2022-30712

Improper validation vulnerability in KfaOptions prior to SMR Jun-2022 Release 1 allows attackers to launch certain activities.……

作者：菜鸟教程小白 | 时间：2022-6-23 09:03 | 阅读：51 | 回复：0