CVE List 2022/4xxx

CVEs in group: 4xxx

CVE-2022-4063 (Click for details)

CVE-2022-4064 (InPost Gallery < 2.1.4.1 - Unauthenticated LFI to RCE)

CVE-2022-4065 (Dalli Meta Protocol request_formatter.rb self.meta_set injection)

CVE-2022-4066 (cbeust testng XML File Parser JarFileUtils.java testngXmlExistsInJar path traversal)

CVE-2022-4067 (davidmoreno onion Log response.c onion_response_flush allocation of resources)

CVE-2022-4068 (Cross-site Scripting (XSS) – Stored in librenms/librenms)

CVE-2022-4069 (Improperly Controlled Modification of Dynamically-Determined Object Attributes in librenms/librenms)

CVE-2022-4070 (Cross-site Scripting (XSS) – Generic in librenms/librenms)

CVE-2022-4071 (Insufficient Session Expiration in librenms/librenms)

CVE-2022-4072 (Click for details)

CVE-2022-4073 (Click for details)

CVE-2022-4074 (Click for details)

CVE-2022-4075 (Click for details)

CVE-2022-4076 (Click for details)

CVE-2022-4077 (Click for details)

CVE-2022-4078 (Click for details)

CVE-2022-4079 (Click for details)

CVE-2022-4080 (Click for details)

CVE-2022-4081 (Click for details)

CVE-2022-4082 (Click for details)

CVE-2022-4083 (Click for details)

CVE-2022-4084 (Click for details)

CVE-2022-4085 (Click for details)

CVE-2022-4086 (Click for details)

CVE-2022-4087 (Click for details)

CVE-2022-4088 (iPXE TLS tls.c tls_new_ciphertext information exposure)

CVE-2022-4089 (rickxy Stock Management System processlogin.php sql injection)

CVE-2022-4090 (rickxy Stock Management System processlogin.php cross site scripting)

CVE-2022-4091 (rickxy Stock Management System cross-site request forgery)

CVE-2022-4092 (SourceCodester Canteen Management System food.php query cross site scripting)

CVE-2022-4093 (Click for details)

CVE-2022-4095 (SQL Injection in dolibarr/dolibarr)

CVE-2022-4096 (Click for details)

CVE-2022-4097 (Server-Side Request Forgery (SSRF) in appsmithorg/appsmith)

CVE-2022-4098 (All In One WP Security & Firewall < 5.0.8 - IP Spoofing)

CVE-2022-4099 (Wiesemann & Theis: Multiple products prone to missing authentication through spoofing)

CVE-2022-4100 (Joy Of Text Lite < 2.3.1 - Unauthenticated SQLi)

CVE-2022-4101 (WP Cerber Security <= 9.4 - IP Protection Bypass)

CVE-2022-4102 (Images Optimize and Upload CF7 <= 2.1.4 - Unauthenticated Arbitrary File Deletion)

CVE-2022-4103 (Royal Elementor Addons < 1.3.56 - Subscriber+ Arbitrary Post Deletion)

CVE-2022-4104 (Royal Elementor Addons < 1.3.56 - Subscriber+ Arbitrary Post Creation)

CVE-2022-4105 (Click for details)

CVE-2022-4106 (Cross-site Scripting (XSS) – Stored in kiwitcms/kiwi)

CVE-2022-4107 (Wholesale Market for WooCommerce < 1.0.7 - Unauthenticated Arbitrary File Download)

CVE-2022-4108 (SMSA Shipping for WooCommerce < 1.0.5 - Subscriber+ Arbitrary File Download)

CVE-2022-4109 (Wholesale Market for WooCommerce < 1.0.8 - Admin+ Arbitrary File Download)

CVE-2022-4110 (Wholesale Market for WooCommerce < 2.0.0 - Admin+ Arbitrary Log Download)

CVE-2022-4111 (Eventify <= 2.1 - Admin+ Stored XSS)

CVE-2022-4112 (Improper Validation of Specified Quantity in Input in tooljet/tooljet)

CVE-2022-4114 (Quizlord <= 2.0 - Admin+ Stored XSS)

CVE-2022-4115 (Superio – Job Board < 1.2.33 - Subscriber+ Stored Cross-Site Scripting)

CVE-2022-4116 (Editorial Calendar < 3.8.3 - Contributor+ Stored XSS)

CVE-2022-4117 (Click for details)

CVE-2022-4118 (IWS – Geo Form Fields <= 1.0 - Unauthenticated SQLi)

CVE-2022-4119 (Bitcoin / AltCoin Payment Gateway <= 1.7.1 - Unauthenticated SQLi)

CVE-2022-4120 (Image Optimizer, Resizer and CDN < 6.8.1 - Admin+ Stored XSS)

CVE-2022-4121 (Stop Spammers Security < 2022.6 - Unauthenticated PHP Object Injection)

CVE-2022-4122 (Click for details)

CVE-2022-4123 (Click for details)

CVE-2022-4124 (Click for details)

CVE-2022-4125 (Popup Manager <= 1.6.6 - Unauthenticated Arbitrary Popup Deletion)

CVE-2022-4126 (Popup Manager <= 1.6.6 - Unauthenticated Stored XSS)

CVE-2022-4127 (Use of Default Password)

CVE-2022-4128 (Click for details)

CVE-2022-4129 (Click for details)

CVE-2022-4130 (Click for details)

CVE-2022-4131 (Click for details)

CVE-2022-4132 (Click for details)

CVE-2022-4133 (Memory leak on tls connections)

CVE-2022-4134 (Click for details)

CVE-2022-4135 (Click for details)

CVE-2022-4136 (Click for details)

CVE-2022-4137 (Exposed Dangerous Method or Function in qmpaas/leadshop)

CVE-2022-4138 (Keycloak: reflected xss attack)

CVE-2022-4139 (Click for details)

CVE-2022-4140 (Click for details)

CVE-2022-4141 (Welcart e-Commerce < 2.8.5 - Unauthenticated Arbitrary File Access)

CVE-2022-4142 (Heap-based Buffer Overflow in vim/vim)

CVE-2022-4143 (WordPress Filter Gallery Plugin < 0.1.6 - Admin+ Stored XSS)

CVE-2022-4144 (Click for details)