|
1061
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web management interface of Cisco BroadWorks Hosted Thin Receptionist could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against …
Update
|
CWE-79
Cross-site Scripting
|
CVE-2022-20948
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1062
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web-based management interface of Cisco Smart Software Manager On-Prem could allow an authenticated, remote attacker to elevate privileges on an affected system.
This vul…
Update
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2022-20939
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1063
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability in the version control of Cisco TelePresence CE Software for Cisco Touch 10 Devices could allow an unauthenticated, adjacent attacker to install an older version of the soft…
Update
|
CWE-527
Exposure of Version-Control Repository to an Unauthorized Control Sphere
|
CVE-2022-20931
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1064
|
- |
|
-
|
-
|
A vulnerability classified as problematic has been found in code-projects Online Shop Store 1.0. This affects an unknown part of the file /signup.php. The manipulation of the argument m2 with the inp…
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2024-11243
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1065
|
- |
|
-
|
-
|
A vulnerability was found in ZZCMS 2023. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/ad_list.php?action=pass of the component Keyword Filter…
Update
|
CWE-89
CWE-74
SQL Injection
Injection
|
CVE-2024-11242
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1066
|
- |
|
-
|
-
|
A vulnerability was found in code-projects Job Recruitment 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file reset.php. The manipulation of…
Update
|
-
|
CVE-2024-11241
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1067
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web Appliance, formerly Cisco Web Security Appliance (WSA), could allow an authenticated, remote …
Update
|
CWE-78
OS Command
|
CVE-2022-20871
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1068
|
7.4 |
HIGH
Network
|
-
|
-
|
A vulnerability in the REST API of Cisco Expressway Series and Cisco TelePresence VCS could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack o…
Update
|
CWE-352
Origin Validation Error
|
CVE-2022-20853
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1069
|
6.1 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability in the Broadband Network Gateway PPP over Ethernet (PPPoE) feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the PPPoE process to contin…
Update
|
CWE-391
|
CVE-2022-20849
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1070
|
4.3 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the Cisco Discovery Protocol process…
Update
|
CWE-120
Classic Buffer Overflow
|
CVE-2022-20846
|
2024-11-19 02:11 |
2024-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
