Skip to main content
CVE-2022-0764 MEDIUM POC PATCH This Month

Arbitrary Command Injection in GitHub repository strapi/strapi prior to 4.1.0. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available.

Command Injection Strapi
NVD GitHub
CVSS 3.1
6.7
EPSS
0.8%
CVE-2022-22908 MEDIUM POC This Month

SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read process memory, to discover the contents of the Username and Password fields. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Vdi Client
NVD GitHub
CVSS 3.1
5.5
EPSS
0.3%
CVE-2022-0723 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.2.11. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Microweber
NVD GitHub
CVSS 3.1
5.4
EPSS
0.9%
CVE-2022-0763 MEDIUM POC PATCH This Month

Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.3. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

XSS Microweber
NVD GitHub
CVSS 3.1
4.8
EPSS
0.6%
CVE-2022-0762 MEDIUM POC PATCH This Month

Incorrect Authorization in GitHub repository microweber/microweber prior to 1.3. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Authentication Bypass Microweber
NVD GitHub
CVSS 3.1
4.3
EPSS
0.6%
CVE-2022-26146 MEDIUM This Month

Tricentis qTest before 10.4 allows stored XSS by an authenticated attacker. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Qtest
NVD GitHub
CVSS 3.1
5.4
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy