Welcome to cxsecurity. enjoy
Bugtraq Stats

Yesterday: {{ x.iyest }}
Last month: {{ x.imont }}
Current month: {{ x.icurr }}
Total: {{ x.itotal }}

CVE database

Last Update: {{ x.cyest }}
Last month: {{ x.cmont }}
Current month: {{ x.ccur }}
Total CVE: {{ x.ctotal }}

Affected
{{te.id}}. {{te.nameDis}} ({{te.count}})
Random comment
{{ x.title }}
{{ x.auth }}
{{ x.text }}

Voted
{{ x.nameSh }} +{{x.pos}} {{x.neg}}

2022-01-27
High
Med.
Med.
Low
Med.
Med.
Low
Low
Low
Med.
2022-01-26
Med.
Med.
Med.

The latest CVEs

2022-01-28
CVE-2022-0394
Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat prior to 3.93v.
CVE-2022-21720
GLPI is a free asset and IT management software package. Prior to version 9.5.7, an entity administrator is capable of retrieving normally inaccessible data via SQL injection. Version 9.5.7 contains a patch for this issue. As a workaround, disabling the `Entities` update right prevents exploitation of this vulnerability.
CVE-2022-24071
A Built-in extension in Whale browser before 3.12.129.46 allows attackers to compromise the rendering process which could lead to controlling browser internal APIs.
CVE-2020-28884
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An administrator user can inject Groovy script to execute any OS command on the Liferay Portal Sever.
CVE-2020-28885
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An administrator user can inject commands through the Gogo Shell module to execute any OS command on the Liferay Portal Sever.
CVE-2022-21719
GLPI is a free asset and IT management software package. All GLPI versions prior to 9.5.7 are vulnerable to reflected cross-site scripting. Version 9.5.7 contains a patch for this issue. There are no known workarounds.
CVE-2021-46484
Jsish v3.5.0 was discovered to contain a heap-use-after-free via Jsi_IncrRefCount in src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).
CVE-2021-46485
Jsish v3.5.0 was discovered to contain a SEGV vulnerability via Jsi_ValueIsNumber at src/jsiValue.c. This vulnerability can lead to a Denial of Service (DoS).
CVE-2021-46486
Jsish v3.5.0 was discovered to contain a SEGV vulnerability via jsi_ArraySpliceCmd at src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS).
CVE-2021-46487
Jsish v3.5.0 was discovered to contain a SEGV vulnerability via /lib/x86_64-linux-gnu/libc.so.6+0x18e506. This vulnerability can lead to a Denial of Service (DoS).

Dorks

2022-01-26
Med.
Quiz Maker 6.2 - Sensitive Data Exposure (Authenticated User Credentials)
inurl:/wp-content/plugins/quiz-maker
Gh05t666nero
Med.
Creative Websoft - Sql Injection Vulnerability
"Website Desined By: Creative Websoft"
behrouz mansoori
2022-01-24
Med.
LDaRosa Xpath Injection Vulnerability
"By LDaRosa"
behrouz mansoori
2022-01-20
Med.
North Wing Limited - Sql Injection Vulnerability
"Developers: North Wing Limited"
behrouz mansoori
Med.
S.S. Technologies - Sql Injection Vulnerability
"Powered By S.S. Technologies" inurl:id="
behrouz mansoori

Copyright 2022, cxsecurity.com

 

Back to Top