Attacker Value
Unknown
CVE-2022-2047
Disclosure Date: July 07, 2022 (last updated February 24, 2025)
In Eclipse Jetty versions 9.4.0 through 9.4.46, 10.0.0 through 10.0.9, and 11.0.0 through 11.0.9, when parsing the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname. This can lead to failures in a proxy scenario.
Attacker Value
Unknown
CVE-2021-41042
Disclosure Date: July 07, 2022 (last updated February 24, 2025)
In Eclipse Lyo versions 1.0.0 to 4.1.0, a TransformerFactory is initialized with the defaults that do not restrict DTD loading when working with RDF/XML. This allows an attacker to cause an external DTD to be retrieved.
Attacker Value
Unknown
CVE-2022-1791
Disclosure Date: June 13, 2022 (last updated February 23, 2025)
The One Click Plugin Updater WordPress plugin through 2.4.14 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack and disable or hide the badge of the available updates and the related check.
Attacker Value
Unknown
CVE-2022-1559
Disclosure Date: May 16, 2022 (last updated February 23, 2025)
The Clipr WordPress plugin through 1.2.3 does not sanitise and escape its API Key setting before outputting it in an attribute, leading to a Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed.
Attacker Value
Unknown
CVE-2022-24831
Disclosure Date: May 14, 2022 (last updated February 23, 2025)
OpenClinica is open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared statements. No known workarounds exist. This issue has been patched in 3.16.1, 3.15.9, 3.14.1, and 3.13.1, and users are advised to upgrade.
Attacker Value
Unknown
CVE-2022-24830
Disclosure Date: May 14, 2022 (last updated February 23, 2025)
OpenClinica is open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write and potential remote code execution. There are no known workarounds. This issue has been patched and users are recommended to upgrade.
Attacker Value
Unknown
CVE-2022-29984
Disclosure Date: May 12, 2022 (last updated February 23, 2025)
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=client/view_client&id=.
Attacker Value
Unknown
CVE-2022-29983
Disclosure Date: May 12, 2022 (last updated February 23, 2025)
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/view_invoice&id=.
Attacker Value
Unknown
CVE-2022-29982
Disclosure Date: May 12, 2022 (last updated February 23, 2025)
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/maintenance/manage_service.php?id=.
Attacker Value
Unknown
CVE-2022-29981
Disclosure Date: May 12, 2022 (last updated February 23, 2025)
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Users.php?f=delete.