CVE-2022-37059 XSS in Subrion CMS 4.2.1 Login Field allows attacker to inject arbitrary code.
By using this vulnerability an attacker can steal cookie information and execute malicious code on the system of the affected website. In case of XSS
CVE-2022-36194 An Attacker could leverage the XSS in the Pollers > Broker Configuration function of Actron Encentreon 22.04.0 to inject malicious code.
By manipulating the name parameter, an attacker can inject malicious code into the application’s code, which can lead to session hijacking and other forms
CVE-2022-36720 The v1.0 Library Management System was found to have a SQL injection vulnerability.
An attacker can leverage this vulnerability to execute arbitrary SQL commands against the affected system. An attacker exploiting this vulnerability can install applications, view data,
CVE-2018-14519 An issue was discovered in Kirby 2.5.12. The delete page functionality suffers from a CSRF flaw
The vulnerability can be exploited by remote attackers via CSRF cookies. The security issue affects all users using the delete pages functionality.
CVE Solution - Update
CVE-2022-38089 Exment stored cross-site scripting vulnerability in v5.0.2 and earlier and v3.0.0 and earlier, v4.4.2 and earlier, and v2.2.2 and earlier.
Stored cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7)
Episode
00:00:00
00:00:00