Skip to main content
CVE-2022-28363 MEDIUM POC This Month

Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/login_process username parameter via GET. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Reprise License Manager
NVD
CVSS 3.1
6.1
EPSS
4.3%
CVE-2022-1287 CRITICAL Act Now

A vulnerability classified as critical was found in School Club Application System 1.0. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP Privilege Escalation School Club Application System
NVD VulDB
CVSS 3.1
9.8
EPSS
0.7%
CVE-2022-28364 MEDIUM POC This Month

Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability (XSS) in the /goform/rlmswitchr_process file parameter via GET. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Reprise License Manager
NVD
CVSS 3.1
5.4
EPSS
1.0%
CVE-2022-28365 MEDIUM POC This Month

Reprise License Manager 14.2 is affected by an Information Disclosure vulnerability via a GET request to /goforms/rlminfo. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Reprise License Manager
NVD
CVSS 3.1
5.3
EPSS
8.4%
CVE-2022-27883 HIGH This Week

A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Trend Micro Antivirus For Mac
NVD
CVSS 3.1
7.3
EPSS
1.2%
CVE-2022-26877 MEDIUM This Month

Asana Desktop before 1.6.0 allows remote attackers to exfiltrate local files if they can trick the Asana desktop app into loading a malicious web page. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Path Traversal Information Disclosure Desktop
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2022-1288 MEDIUM This Month

A vulnerability, which was classified as problematic, has been found in School Club Application System 1.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS School Club Application System
NVD VulDB
CVSS 3.1
6.1
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy