Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-01-17
Med.
Low
Med.
Med.
Med.
Med.
Low
High
Low
Med.
Low
Med.
2022-01-15
Low

The latest CVEs

2022-01-18
CVE-2022-22703
In Stormshield SSO Agent 2.x before 2.1.1 and 3.x before 3.0.2, the cleartext user password and PSK are contained in the log file of the .exe installer.
2022-01-17
CVE-2022-0242
Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.
CVE-2021-42357
When using Apache Knox SSO prior to 1.6.1, a request could be crafted to redirect a user to a malicious page due to improper URL parsing. A request that included a specially crafted request parameter could be used to redirect the user to a page controlled by an attacker. This URL would need to be presented to the user outside the normal request flo...
CVE-2021-33040
managers/views/iframe.js in FuturePress EPub.js before 0.3.89 allows XSS.
CVE-2021-38965
IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 212346.
CVE-2022-0256
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-0257
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-0258
pimcore is vulnerable to Improper Neutralization of Special Elements used in an SQL Command
CVE-2021-24838
The AnyComment WordPress plugin through 0.2.17 has an API endpoint which passes user input via the redirect parameter to the wp_redirect() function without being validated first, leading to an Open Redirect issue, which according to the vendor, is a feature.
CVE-2021-24909
The ACF Photo Gallery Field WordPress plugin before 1.7.5 does not sanitise and escape the post parameter in the includes/acf_photo_gallery_metabox_edit.php file before outputing back in an attribute, leading to a Reflected Cross-Site Scripting issue

Dorks

2022-01-17
Med.
Developed by : Muhammad Jamil - SQL Injection
intext:"Developed by : Muhammad Jamil" .php?id=
Unkn0wn
2022-01-15
Med.
da Grazioli Design - Sql Injection Vulnerability
"Sito web creato da Grazioli Design"
behrouz mansoori
Med.
Web Canvas - Sql Injection Vulnerability
"Web Design by Web Canvas"
behrouz mansoori
2022-01-13
Med.
MARKS DESIGN - Sql Injection Vulnerability
"Designed by MARKS DESIGN"
behrouz mansoori
Med.
EDSA Designs - Sql Injection Vulnerability
"website by EDSA Designs"
behrouz mansoori

Copyright 2022, cxsecurity.com

 

Back to Top