YSah44

4 exploits Active since Apr 2022
CVE-2022-28508 NOMISEC MEDIUM NO CODE
MantisBT < 2.25.2 - Stored Cross-Site Scripting via Unescaped Return Parameter
An XSS issue was discovered in browser_search_plugin.php in MantisBT before 2.25.2. Unescaped output of the return parameter allows an attacker to inject code into a hidden input field.
4 stars
CVSS 6.1
CVE-2022-31402 NOMISEC MEDIUM NO CODE
iTop 3.0.1 - Cross-Site Scripting via export-v2.php
ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/webservices/export-v2.php.
1 stars
CVSS 6.1
CVE-2022-28452 NOMISEC CRITICAL WRITEUP
Red Planet Laundry Management System 1.0 - SQL Injection
Red Planet Laundry Management System 1.0 is vulnerable to SQL Injection.
1 stars
CVSS 9.8
CVE-2022-28454 NOMISEC MEDIUM WRITEUP
limbas 4.3.36.1319 - Cross-Site Scripting
Limbas 4.3.36.1319 is vulnerable to Cross Site Scripting (XSS).
1 stars
CVSS 6.1