CVE-2021-43707

Cross Site Scripting (XSS) vulnerability exists in Maccms v10 via link_Name parameter.

Source: CVE-2021-43707

CVE-2021-43479

A Remote Code Execution (RCE) vulnerability exists in The-Secretary 2.5 via install.php.

Source: CVE-2021-43479

CVE-2021-37517

An Access Control vulnerability exists in Dolibarr ERP/CRM 13.0.2, fixed version is 14.0.0,in the forgot-password function becuase the application allows email addresses as usernames, which can cause a Denial of Service.

Source: CVE-2021-37517

CVE-2021-43484

A Remote Code Execution (RCE) vulnerability exists in Simple Client Management System 1.0 in create.php due to the failure to validate the extension of the file being sent in a request.

Source: CVE-2021-43484

CVE-2021-43478

A vulnerability exists in Hoosk 1.8.0 in /install/index.php, due to a failure to check if config.php already exists in the root directory, which could let a malicious user reinstall the website.

Source: CVE-2021-43478

CVE-2022-22311

IBM Security Verify Access could allow a user, using man in the middle techniques, to obtain sensitive information or possibly change some information due to improper validiation of JWT tokens.

Source: CVE-2022-22311

CVE-2021-42946

A Cross Site Scripting (XSS) vulnerability exists in htmly.2.8.1 via the Copyright field in the /admin/config page.

Source: CVE-2021-42946

CVE-2021-42869

A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 via the last_name parameter in the (1) patient/insert, (2) patient_report, (3) /appointment_report, (4) visit_report, and (5) /bill_detail_report pages.

Source: CVE-2021-42869

CVE-2021-42866

A Cross Site Scripting vulnerabilty exists in Pixelimity 1.0 via the Site Description field in pixelimity/admin/setting.php

Source: CVE-2021-42866

CVE-2021-42867

A Cross Site Scripting (XSS) vulnerability exists in DanPros htmly 2.8.1 via the Description field in (1) admin/config, and (2) index.php pages.

Source: CVE-2021-42867