Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Angry Yack Logo
Total 42233 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-45137 1 Wago 14 751-9301, 751-9301 Firmware, 752-8303\/8000-002 and 11 more 2024-11-21 N/A 6.1 MEDIUM
The configuration backend of the web-based management is vulnerable to reflected XSS (Cross-Site Scripting) attacks that targets the users browser. This leads to a limited impact of confidentiality and integrity but no impact of availability.
CVE-2022-45091 1 Gruparge 1 Smartpower Web 2024-11-21 N/A 5.4 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting (XSS).This issue affects Smartpower Web: before 23.01.01.
CVE-2022-45087 1 Gruparge 1 Smartpower Web 2024-11-21 N/A 6.1 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting (XSS). This issue affects Smartpower Web: before 23.01.01.
CVE-2022-45086 1 Gruparge 1 Smartpower Web 2024-11-21 N/A 5.4 MEDIUM
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Group Arge Energy and Control Systems Smartpower Web allows Cross-Site Scripting (XSS). This issue affects Smartpower Web: before 23.01.01.
CVE-2022-45084 1 Loginizer 1 Loginizer 2024-11-21 N/A 7.1 HIGH
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Softaculous Loginizer plugin <= 1.7.5 versions.
CVE-2022-45082 1 Oxilab 1 Accordions 2024-11-21 N/A 3.4 LOW
Multiple Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerabilities in Accordions plugin <= 2.0.3 on WordPress via &addons-style-name and &accordions_or_faqs_license_key.
CVE-2022-45065 1 Squirrly 1 Seo Plugin By Squirrly Seo 2024-11-21 N/A 7.1 HIGH
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Squirrly SEO Plugin by Squirrly SEO plugin <= 12.1.20 versions.
CVE-2022-45051 3 Axiell, Linux, Microsoft 3 Iguana, Linux Kernel, Windows 2024-11-21 N/A 6.1 MEDIUM
A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The module parameter on the Service.template.cls endpoint does not properly neutralise user input, resulting in the vulnerability.
CVE-2022-45050 1 Axiell 1 Iguana 2024-11-21 N/A 6.1 MEDIUM
A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The title parameter on the twitter.php endpoint does not properly neutralise user input, resulting in the vulnerability.
CVE-2022-45049 3 Axiell, Linux, Microsoft 3 Iguana, Linux Kernel, Windows 2024-11-21 N/A 6.1 MEDIUM
A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The url parameter on the novelist.php endpoint does not properly neutralise user input, resulting in the vulnerability.
CVE-2022-44743 1 Blueglass 1 Jobs For Wordpress 2024-11-21 N/A 6.5 MEDIUM
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in BlueGlass Jobs for WordPress plugin <= 2.5.11.2 versions.
CVE-2022-44742 1 Community Events Project 1 Community Events 2024-11-21 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting vulnerability in Yannick Lefebvre Community Events plugin <= 1.4.8 versions.
CVE-2022-44741 1 Slidervilla 1 Testimonial Slider 2024-11-21 N/A 6.1 MEDIUM
Cross-Site Request Forgery (CSRF) vulnerability leading to Cross-Site Scripting (XSS) in David Anderson Testimonial Slider plugin <= 1.3.1 on WordPress.
CVE-2022-44736 1 Chameleon Project 1 Chameleon 2024-11-21 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Chameleon plugin <= 1.4.3 on WordPress.
CVE-2022-44735 1 Wp Clictracker Project 1 Wp Clictracker 2024-11-21 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gus Sevilla WP Clictracker plugin <= 1.0.5 versions.
CVE-2022-44734 1 Bestwebsoft 1 Car Rental 2024-11-21 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in BestWebSoft Car Rental by BestWebSoft plugin <= 1.1.2 versions.
CVE-2022-44632 1 Content-repeater Project 1 Content-repeater 2024-11-21 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Denis Buka Content Repeater – Custom Posts Simplified plugin <= 1.1.13 versions.
CVE-2022-44631 1 1app 1 1app Business Forms 2024-11-21 N/A 4.8 MEDIUM
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in 1app Technologies, Inc 1app Business Forms plugin <= 1.0.0 versions.
CVE-2022-44629 1 Catalystconnect 1 Catalyst Connect Zoho Crm Client Portal 2024-11-21 N/A 5.9 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Catalyst Connect Catalyst Connect Zoho CRM Client Portal plugin <= 2.0.0 versions.
CVE-2022-44628 1 Jumpdemand 1 4ecps Web Forms 2024-11-21 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in JumpDEMAND Inc. 4ECPS Web Forms plugin <= 0.2.17 on WordPress.
CVE-2022-44625 1 Cyclodev 1 Wp Notify 2024-11-21 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting') vulnerability in Zephilou Cyklodev WP Notify plugin <= 1.2.1 versions.
CVE-2022-44594 1 Codebangers 1 All In One Time Clock Lite 2024-11-21 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Codebangers All in One Time Clock Lite plugin <= 1.3.320 versions.
CVE-2022-44591 1 Anthologize Project 1 Anthologize 2024-11-21 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Anthologize plugin <= 0.8.0 on WordPress.
CVE-2022-44590 1 Simple Video Embedder Project 1 Simple Video Embedder 2024-11-21 N/A 5.4 MEDIUM
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in James Lao's Simple Video Embedder plugin <= 2.2 on WordPress.
CVE-2022-44586 1 Am-hili Project 1 Am-hili 2024-11-21 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) in Ayoub Media AM-HiLi plugin <= 1.0 on WordPress.
CVE-2022-44582 1 Apptivo 1 Apptivo Business Site Crm 2024-11-21 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Apptivo Apptivo Business Site CRM plugin <= 3.0.12 versions.
CVE-2022-44576 1 Agenteasy Properties Project 1 Agenteasy Properties 2024-11-21 N/A 4.8 MEDIUM
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in AgentEasy Properties plugin <= 1.0.4 on WordPress.
CVE-2022-44510 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2022-44474 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2022-44473 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2022-44471 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2022-44470 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2022-44469 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2022-44468 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2022-44467 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2022-44466 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2022-44465 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2022-44463 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2022-44462 1 Adobe 2 Experience Manager, Experience Manager Cloud Service 2024-11-21 N/A 5.4 MEDIUM
Adobe Experience Manager version 6.5.14 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.
CVE-2022-44390 1 Eyoucms 1 Eyoucms 2024-11-21 N/A 5.4 MEDIUM
A cross-site scripting (XSS) vulnerability in EyouCMS V1.5.9-UTF8-SP1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Public Security Record Number text field.