CVE List - 2022 / March

Showing 801 - 900 of 2065 CVEs for March 2022 (Page 9 of 21)

Back to List Previous Next

CVE ID	Date	Title
CVE-2022-0341	2022-03-14	Cross-site Scripting (XSS) - Stored in vanessa219/vditor
CVE-2022-0938	2022-03-14	Stored XSS via file upload in star7th/showdoc
CVE-2022-22719	2022-03-14	mod_lua Use of uninitialized value of in r:parsebody
CVE-2022-22720	2022-03-14	HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier
CVE-2022-22721	2022-03-14	core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody
CVE-2022-23943	2022-03-14	mod_sed: Read/write beyond bounds
CVE-2022-0940	2022-03-14	Stored XSS due to Unrestricted File Upload in star7th/showdoc
CVE-2022-24387	2022-03-14	File upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.14010
CVE-2022-0941	2022-03-14	Stored XSS due to Unrestricted File Upload in star7th/showdoc
CVE-2022-0946	2022-03-14	Stored XSS viva cshtm file upload in star7th/showdoc
CVE-2022-24575	2022-03-14	GPAC 1.0.1 is affected by a stack-based buffer overflow through...
CVE-2022-24576	2022-03-14	GPAC 1.0.1 is affected by Use After Free through MP4Box.
CVE-2021-44964	2022-03-14	Use after free in garbage collector and finalizer of lgc.c...
CVE-2021-24692	2022-03-14	Simple Download Monitor < 3.9.5 - Contributor+ Arbitrary File Download via Path Traversal
CVE-2021-24895	2022-03-14	Cybersoldier < 1.7.0 - Admin+ Stored Cross-Site Scripting
CVE-2021-24897	2022-03-14	Add Subtitle <= 1.1.0 - Contributor+ Stored Cross-Site Scripting
CVE-2021-24940	2022-03-14	Persian Woocommerce <= 5.8.0 - Reflected Cross-Site Scripting
CVE-2021-24950	2022-03-14	Insight Core <= 1.0 - Subscriber+ PHP Object Injection & Stored XSS
CVE-2021-24958	2022-03-14	Meks Easy Photo Feed Widget < 1.2.4 - Subscriber+ Settings Update to Stored XSS
CVE-2021-24959	2022-03-14	WP Email Users <= 1.7.6 - Subscriber+ SQL Injection
CVE-2021-24966	2022-03-14	Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File Clearing
CVE-2021-24982	2022-03-14	Child Theme Generator <= 2.2.7 - Reflected Cross-Site Scripting
CVE-2021-24995	2022-03-14	HTML5 Responsive FAQ <= 2.8.5 - Admin+ Stored Cross-Site Scripting
CVE-2021-24996	2022-03-14	IDPay for Contact Form 7 <= 2.1.2 - Reflected Cross-Site Scripting
CVE-2021-25003	2022-03-14	WPCargo < 6.9.0 - Unauthenticated RCE
CVE-2021-25006	2022-03-14	MOLIE <= 0.5 - Reflected Cross-Site Scripting
CVE-2021-25007	2022-03-14	MOLIE <= 0.5 - Authenticated SQL Injection
CVE-2021-25026	2022-03-14	Patreon WordPress < 1.8.2 - Admin+ Stored Cross-Site Scripting
CVE-2022-0147	2022-03-14	Cookie Information < 2.0.8 - Reflected Cross-Site Scripting
CVE-2022-0161	2022-03-14	ARI Fancy Lightbox < 1.3.9 - Reflected Cross-Site Scripting
CVE-2022-0165	2022-03-14	Page Builder KingComposer <= 2.9.6 - Open Redirect
CVE-2022-0169	2022-03-14	Photo Gallery by 10Web < 1.6.0 - Unauthenticated SQL Injection
CVE-2022-0230	2022-03-14	Better WordPress Google XML Sitemaps <= 1.4.1 - Unauthenticated Stored Cross-Site Scripting
CVE-2022-0248	2022-03-14	Contact Form Submissions < 1.7.3 - Unauthenticated Stored XSS
CVE-2022-0254	2022-03-14	Zero Spam < 5.2.11 - Admin+ SQL Injection
CVE-2022-0321	2022-03-14	WP Voting Contest < 3.0 - Reflected Cross-Site Scripting
CVE-2022-0327	2022-03-14	Master Addons for Elementor < 1.8.2 - Reflected Cross-Site Scripting
CVE-2022-0399	2022-03-14	Advanced Product Labels for WooCommerce < 1.2.3.7 - Reflected Cross-Site Scripting
CVE-2022-0449	2022-03-14	Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting
CVE-2022-0478	2022-03-14	Event Manager for WooCommerce < 3.5.8 - Contributor+ SQL Injection
CVE-2022-0503	2022-03-14	Multisite Content Copier/Updater < 2.1.2 - Reflected Cross-Site Scripting
CVE-2022-0593	2022-03-14	Login with phone number < 1.3.7 - Unauthenticated remote plugin deletion
CVE-2022-0601	2022-03-14	Countdown & Clock < 2.2.9 - Reflected Cross-Site Scripting
CVE-2022-0648	2022-03-14	Team Circle Image Slider With Lightbox < 1.0.16 - Reflected Cross-Site Scripting
CVE-2022-0658	2022-03-14	CommonsBooking < 2.6.8 - Unauthenticated SQL Injection
CVE-2022-0659	2022-03-14	Sync iCloud COS < 2.0.1 - Admin+ Stored Cross-Site Scripting
CVE-2022-0674	2022-03-14	Kunze Law < 2.1 - Admin+ Stored Cross-Site Scripting
CVE-2022-0684	2022-03-14	WP Home Page Menu < 3.1 - Admin+ Stored Cross-Site Scripting
CVE-2022-0700	2022-03-14	Simple Theme Options < 1.7 - Admin+ Stored Cross-Site Scripting
CVE-2022-0701	2022-03-14	SEO 301 Meta <= 1.9.1 - Admin+ Stored Cross-Site Scripting
CVE-2022-0702	2022-03-14	Petfinder Listings <= 1.0.18 - Admin+ Stored Cross-Site Scripting
CVE-2022-0703	2022-03-14	GD Mylist <= 1.1.1 - Admin+ Stored Cross-Site Scripting
CVE-2022-22734	2022-03-14	Simple Quotation <= 1.3.2 - Quote Creation/Edition via CSRF to Stored Cross-Site Scripting
CVE-2022-22735	2022-03-14	Simple Quotation <= 1.3.2 - Subscriber+ SQL injection
CVE-2022-0960	2022-03-14	Stored XSS viva .properties file upload in star7th/showdoc
CVE-2021-42171	2022-03-14	Zenario CMS 9.0.54156 is vulnerable to File Upload. The web...
CVE-2021-41952	2022-03-14	Zenario CMS 9.0.54156 is vulnerable to Cross Site Scripting (XSS)...
CVE-2022-0962	2022-03-14	Stored XSS viva .webma file upload in star7th/showdoc
CVE-2021-39051	2022-03-14	IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable...
CVE-2021-39055	2022-03-14	IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable...
CVE-2022-22344	2022-03-14	IBM Spectrum Copy Data Management 2.2.0.0 through 2.2.14.3 is vulnerable...
CVE-2022-22354	2022-03-14	IBM Spectrum Protect Plus 10.1.0.0 through 10.1.9.2 and IBM Spectrum...
CVE-2021-38971	2022-03-14	IBM Data Virtualization on Cloud Pak for Data 1.3.0, 1.4.1,...
CVE-2022-22346	2022-03-14	IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable...
CVE-2022-22348	2022-03-14	IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable...
CVE-2022-22353	2022-03-14	IBM Big SQL on IBM Cloud Pak for Data 7.1.0,...
CVE-2022-21187	2022-03-14	Command Injection
CVE-2022-26320	2022-03-14	The Rambus SafeZone Basic Crypto Module before 10.4.0, as used...
CVE-2022-24733	2022-03-14	Improper Restriction of Rendered UI Layers or Frames in Sylius
CVE-2022-24742	2022-03-14	Exposure of Sensitive Information Due to Incompatible Policies in Sylius
CVE-2022-24743	2022-03-14	Insufficient Session Expiration in Sylius
CVE-2022-24749	2022-03-14	Basic Cross-site Scripting and Unrestricted Upload of File with Dangerous Type in Sylius
CVE-2022-24740	2022-03-14	Improper Authentication in Volto
CVE-2021-42389	2022-03-14	Divide-by-zero in Clickhouse's Delta compression codec when parsing a malicious...
CVE-2021-42390	2022-03-14	Divide-by-zero in Clickhouse's DeltaDouble compression codec when parsing a malicious...
CVE-2021-42391	2022-03-14	Divide-by-zero in Clickhouse's Gorilla compression codec when parsing a malicious...
CVE-2022-24762	2022-03-14	Exposure of Sensitive Information to an Unauthorized Actor in sysend.js
CVE-2021-45848	2022-03-15	Denial of service (DoS) vulnerability in Nicotine+ 3.0.3 and later...
CVE-2022-0944	2022-03-15	Template injection in connection test endpoint leads to RCE in sqlpad/sqlpad
CVE-2022-0945	2022-03-15	Stored XSS viva axd and cshtml file upload in star7th/showdoc in star7th/showdoc
CVE-2022-27193	2022-03-15	CVRF-CSAF-Converter before 1.0.0-rc2 resolves XML External Entities (XXE). This leads...
CVE-2022-0950	2022-03-15	Unrestricted Upload of File with Dangerous Type in star7th/showdoc
CVE-2022-0951	2022-03-15	File Upload Restriction Bypass leading to Stored XSS Vulnerability in star7th/showdoc
CVE-2022-0894	2022-03-15	Cross-site Scripting (XSS) - Stored in pimcore/pimcore
CVE-2022-0893	2022-03-15	Cross-site Scripting (XSS) - Stored in pimcore/pimcore
CVE-2021-45010	2022-03-15	A path traversal vulnerability in the file upload functionality in...
CVE-2022-0954	2022-03-15	Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Shop's Other Settings, Shop's Autorespond E-mail Settings and Shops' Payments Methods in microweber/microweber
CVE-2022-0956	2022-03-15	Stored XSS via File Upload in star7th/showdoc
CVE-2022-0957	2022-03-15	Stored XSS via File Upload in star7th/showdoc
CVE-2022-0942	2022-03-15	Stored XSS due to Unrestricted File Upload in star7th/showdoc
CVE-2022-24721	2022-03-15	Incorrect Authorization in org.cometd.oort
CVE-2022-0430	2022-03-15	Exposure of Sensitive Information to an Unauthorized Actor in httpie/httpie
CVE-2022-24755	2022-03-15	Incorrect Authorization in Bareos Director
CVE-2022-24752	2022-03-15	SQL Injection through sorting parameters in SyliusGridBundle
CVE-2022-24756	2022-03-15	Missing Release of Memory after Effective Lifetime in Bareos Director
CVE-2022-0961	2022-03-15	The microweber application allows large characters to insert in the input field "post title" which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request. in microweber/microweber
CVE-2022-0963	2022-03-15	Unrestricted XML Files Leads to Stored XSS in microweber/microweber
CVE-2022-0967	2022-03-15	Stored XSS via File Upload in star7th/showdoc in star7th/showdoc in star7th/showdoc
CVE-2022-0966	2022-03-15	Stored XSS via File Upload in star7th/showdoc in star7th/showdoc
CVE-2022-0965	2022-03-15	Stored XSS viva .ofd file upload in star7th/showdoc