CVE-2022-24494
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability.
Source: CVE-2022-24494
[월:] 2022년 04월
CVE-2022-27852
CVE-2022-27852
Multiple Unauthenticated Stored Cross-Site Scripting (XSS) vulnerabilities in KB Support (WordPress plugin) <= 1.5.5
Source: CVE-2022-27852
CVE-2021-42230
CVE-2021-42230
Seowon 130-SLC router all versions as of 2021-09-15 is vulnerable to Remote Code Execution via the queriesCnt parameter.
Source: CVE-2021-42230
CVE-2022-27851
CVE-2022-27851
Cross-Site Request Forgery (CSRF) in Use Any Font (WordPress plugin) <= 6.1.7 allows an attacker to deactivate the API key.
Source: CVE-2022-27851
CVE-2022-27850
CVE-2022-27850
Cross-Site Request Forgery (CSRF) in Simple Ajax Chat (WordPress plugin) <= 20220115 allows an attacker to clear the chat log or delete a chat message.
Source: CVE-2022-27850
CVE-2022-27849
CVE-2022-27849
Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat (WordPress plugin) <= 20220115
Source: CVE-2022-27849
CVE-2021-36828
CVE-2021-36828
Authenticated (admin+) Stored Cross-Site Scripting (XSS) in WP Maintenance (WordPress plugin) <= 6.0.4 affects multiple inputs.
Source: CVE-2021-36828
CVE-2021-36205
CVE-2021-36205
Under certain circumstances the session token is not cleared on logout.
Source: CVE-2021-36205
CVE-2022-23865
CVE-2022-23865
Nyron 1.0 is affected by a SQL injection vulnerability through Nyron/Library/Catalog/winlibsrch.aspx. To exploit this vulnerability, an attacker must inject ‘"> on the thes1 parameter.
Source: CVE-2022-23865
CVE-2022-27258
CVE-2022-27258
Multiple Cross-Site Scripting (XSS) vulnerabilities in Hubzilla 7.0.3 and earlier allows remote attacker to include arbitrary web script or HTML via the rpath parameter.
Source: CVE-2022-27258