CVE-2021-38732

SEMCMS SHOP v 1.1 is vulnerable to SQL via Ant_Message.php.

Source: CVE-2021-38732

CVE-2021-38733

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_BlogCat.php.

Source: CVE-2021-38733

CVE-2021-36863

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress.

Source: CVE-2021-36863

CVE-2021-38217

SEMCMS v 1.2 is vulnerable to SQL Injection via SEMCMS_User.php.

Source: CVE-2021-38217

CVE-2021-38728

SEMCMS SHOP v 1.1 is vulnerable to Cross Site Scripting (XSS) via Ant_M_Coup.php.

Source: CVE-2021-38728

CVE-2021-38729

SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Plist.php.

Source: CVE-2021-38729

CVE-2021-36858

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Themepoints Testimonials plugin <= 2.6 on WordPress.

Source: CVE-2021-36858

CVE-2022-2882

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1. A malicious maintainer could exfiltrate a GitHub integration’s access token by modifying the integration URL such that authenticated requests are sent to an attacker controlled server.

Source: CVE-2022-2882

CVE-2022-3018

An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 allows a project maintainer to access the DataDog integration API key from webhook logs.

Source: CVE-2022-3018

CVE-2021-38736

SEMCMS Shop V 1.1 is vulnerable to SQL Injection via Ant_Global.php.

Source: CVE-2021-38736