CVE-2022-39314 Kirby is a flat-file CMS that is vulnerable to user enumeration due to improper authentication attempts.
If you are using the `code` or `password-reset` auth method, you can work around this vulnerability by using the `auth.methods` option to set it
CVE-2022-42205 Hospital Management System in PHP 4.0 is vulnerable to XSS via add-patient.php
Exploitation of this vulnerability requires no authentication, thus it might be a low-severity issue, but it is still important to be aware of it.
A
CVE-2022-42199 Exam Reviewer Management System v1.0 is vulnerable to a CSRF attack.
If a remote attacker can trick an authenticated user into clicking a specially crafted link, they can execute commands against the management system. This can
CVE-2022-43014 OpenCATS v0.9.6 had an XSS vulnerability when the joborderID parameter was used.
An attacker can inject malicious code in the user’s browser to take control of the vulnerable system. OpenCATS administrators are advised to review the
CVE-2022-43408 Jenkins Pipeline stage view plugin 2.26 and earlier doesn't encode input step ID when generating URLs, allowing attackers to specify them and proceed/abort builds.
This issue does not affect usage of the Jenkins CLI. In order to exploit this issue, an attacker would have to be able to configure