CVE-2022-38089 Exment stored cross-site scripting vulnerability in v5.0.2 and earlier and v3.0.0 and earlier, v4.4.2 and earlier, and v2.2.2 and earlier.
Stored cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment
CVE-2022-38463 ServiceNow through San Diego Patch 4b and Patch 6 allows reflected XSS in the logout functionality.
Logging out from one customer profile will reflect on any other customer profile. This can lead to a situation where a malicious customer could potentially
CVE-2022-29468 CSRF vulnerability in WWBN AVideo 11.6 and dev master commit 3f7c0364 allows HTTP requests to increase privileges.
To exploit this vulnerability, an attacker must trick a user into clicking a crafted link. For example, attackers can host a website on a server
CVE-2022-2388 The WP Coder plugin before 2.5.3 didn't have CSRF check when deleting code, which could allow attackers to make a logged in admin delete arbitrary ones.
Multiple logged in users can also delete code in a project. WordPress 4.7 fixes this vulnerability by including CSRF protection for actions that can
CVE-2022-36251 Clinic's Patient Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via patients.php
A remote attacker can inject malicious code into the system via this vector. An attacker can create a patient record with a script that causes
Episode
00:00:00
00:00:00