CVE-2022-0688

Business Logic Errors in Packagist microweber/microweber prior to 1.2.11.

Source: CVE-2022-0688

CVE-2022-0686

Authorization Bypass Through User-Controlled Key in NPM url-parse prior to 1.5.8.

Source: CVE-2022-0686

CVE-2021-45007

Plesk 18.0.37 is affected by a Cross Site Request Forgery (CSRF) vulnerability that allows an attacker to insert data on the user and admin panel.

Source: CVE-2021-45007

CVE-2022-0685

Use of Out-of-range Pointer Offset in Conda vim prior to 8.2.

Source: CVE-2022-0685

CVE-2021-46700

In libsixel 1.8.6, sixel_encoder_output_without_macro (called from sixel_encoder_encode_frame in encoder.c) has a double free.

Source: CVE-2021-46700

CVE-2022-0690

Cross-site Scripting (XSS) – Reflected in Packagist microweber/microweber prior to 1.2.11.

Source: CVE-2022-0690

CVE-2016-1239

duck before 0.10 did not properly handle loading of untrusted code from the current directory..

Source: CVE-2016-1239

CVE-2022-23376

WikiDocs version 0.1.18 has multiple reflected XSS vulnerabilities on different pages.

Source: CVE-2022-23376

CVE-2022-23375

WikiDocs version 0.1.18 has an authenticated remote code execution vulnerability. An attacker can upload a malicious file using the image upload form through index.php.

Source: CVE-2022-23375

CVE-2022-0689

Use multiple time the one-time coupon in Packagist microweber/microweber prior to 1.2.11.

Source: CVE-2022-0689