Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-11-29
High
High
Low
2022-11-26
High
Low
Med.
Low
Med.
Med.
Med.
Med.
2022-11-22
Med.
High

The latest CVEs

2022-12-01
CVE-2019-18265
Digital Alert Systems?? DASDEC software prior to version 4.1 contains a cross-site scripting (XSS) vulnerability that allows remote attackers to inject arbitrary web script or HTML via the SSH username, username field of the login page, or via the HTTP host header. The injected content is stored in logs and rendered when viewed in the web applicati...
CVE-2022-46162
discourse-bbcode is the official BBCode plugin for Discourse. Prior to commit 91478f5, CSS injection can occur when rendering content generated with the discourse-bccode plugin. This vulnerability only affects sites which have the discourse-bbcode plugin installed and enabled. This issue is patched in commit 91478f5. As a workaround, ensure that th...
CVE-2022-40204
A cross-site scripting (XSS) vulnerability exists in all current versions of Digital Alert Systems DASDEC software via the Host Header in undisclosed pages after login.
CVE-2022-46156
The Synthetic Monitoring Agent for Grafana's Synthetic Monitoring application provides probe functionality and executes network checks for monitoring remote targets. Users running the Synthetic Monitoring agent prior to version 0.12.0 in their local network are impacted. The authentication token used to communicate with the Synthetic Monitorin...
2022-11-30
CVE-2022-23746
The IPsec VPN blade has a dedicated portal for downloading and connecting through SSL Network Extender (SNX). If the portal is configured for username/password authentication, it is vulnerable to a brute-force attack on usernames and passwords.
CVE-2022-44151
Simple Inventory Management System v1.0 is vulnerable to SQL Injection via /ims/login.php.
CVE-2022-46149
Cap'n Proto is a data interchange format and remote procedure call (RPC) system. Cap'n Proro prior to versions 0.7.1, 0.8.1, 0.9.2, and 0.10.3, as well as versions of Cap'n Proto's Rust implementation prior to 0.13.7, 0.14.11, and 0.15.2 are vulnerable to out-of-bounds read due to logic error handling list-of-list. This issue ma...
CVE-2022-4234
A vulnerability was found in SourceCodester Canteen Management System. It has been rated as problematic. This issue affects the function builtin_echo of the file youthappam/brand.php. The manipulation of the argument brand_name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may ...
CVE-2022-44294
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/?page=services/manage_service&id=.
CVE-2022-44295
Sanitization Management System v1.0 is vulnerable to SQL Injection via /php-sms/admin/orders/assign_team.php?id=.

Dorks

2022-11-18
Med.
Remote Code Execution in SimpleMachinesForum 2.1.1( CVE-2022-26982 )
SimpleMachinesForum Exploit
Sarang Tumne
2022-11-15
Med.
Remote Code Execution in MODX Revolution V2.8.3-pl( CVE-2022-26149 )
MODX Exploit
Sarang Tumne
2022-11-13
High
Remote Code Execution in Abantecart-1.3.2( CVE-2022-26521 )
Abantecart exploit
Sarang Tumne
2022-10-23
Low
Khameneie.ir XSS vulnerabilities
site:farsi.khamenei.ir/search-result?q="
E1.Coders
Med.
developway SQL Injection
intext:"Powered By DevelopWay"
cymilad

Copyright 2022, cxsecurity.com

 

Back to Top