CVE-2022-35196 TestLink v1.9.20 had a CSRF vulnerability in plan/planView.php.
This issue was resolved by updating to version 1.9.21 or higher. Inspect the application URL to determine if you are running an outdated
CVE-2022-3000 Stored XSS in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0.
It was found that due to the way data was sanitized before being stored to session, there was a possibility of XSS. It was patched
CVE-2022-39957 The OWASP ModSecurity CRS is affected by a response body bypass, which allows a client to issue an Accept header with an optional "charset" parameter.
The OWASP ModSecurity CRS is affected by a cross-site request forgery (CSRF) vulnerability. A malicious actor may pose as an innocent third party, to trick
CVE-2022-38527 CMS v1.6.0 had an XSS vulnerability in the Import function.
This can be exploited by malicious users to inject arbitrary JavaScript into your site's code. A cross-site request forgery (CSRF) vulnerability was also
CVE-2022-2754 The Ketchup Restaurant Reservations WordPress plugin through 1.0.0 does not validate and escape some reservation parameters, which could allow unauthenticated attackers to perform SQL Injection attacks.
through the WordPress admin interface. An attacker can inject a SQL statement by sending a malicious request to the vulnerable server, then by sending a