Feehi CMS version 2.1.1 suffers from a persistent cross site scripting vulnerability.
>> ARCHIVE: 2022-08
Nortek Linear eMerge E3-Series versions 0.32-07p, 0.32-07e, 0.32-07p, 0.32-08f, and 0.32-09c suffer from an administrative credential disclosure vulnerability.
Nortek Linear eMerge E3-Series version 0.32-09c suffers from a blind OS command injection vulnerability.
Nortek Linear eMerge E3-Series version 0.32-07p suffers from a vulnerability where session fixation tied with cross site scripting can allow for account takeover.
WordPress Duplicator plugin version 1.4.7.1 suffers from a backup disclosure vulnerability.
This Metasploit module exploits CVE-2022-28219, which is a pair of vulnerabilities in ManageEngine ADAudit Plus versions before build 7060. They include a path traversal in the /cewolf endpoint along with…
Thingsboard version 3.3.1 suffers from multiple persistent cross site scripting vulnerabilities.
PAN-OS 10.0 – Remote Code Execution (RCE) (Authenticated)
ThingsBoard 3.3.1 ‘name’ – Stored Cross-Site Scripting (XSS)
Feehi CMS 2.1.1 – Stored Cross-Site Scripting (XSS)