CVEDB API

Vulnerabilities

Vulnerable Software

Security Vulnerabilities - CVEs Published In March 2022

CVE-2021-42946

A Cross Site Scripting (XSS) vulnerability exists in htmly.2.8.1 via the Copyright field in the /admin/config page.

CVSS Score

4.8

EPSS Score

0.002

Published

2022-03-31

CVE-2022-22311

IBM Security Verify Access could allow a user, using man in the middle techniques, to obtain sensitive information or possibly change some information due to improper validiation of JWT tokens.

CVSS Score

4.8

EPSS Score

0.002

Published

2022-03-31

CVE-2021-42866

A Cross Site Scripting vulnerabilty exists in Pixelimity 1.0 via the Site Description field in pixelimity/admin/setting.php

CVSS Score

4.8

EPSS Score

0.002

Published

2022-03-31

CVE-2021-42867

A Cross Site Scripting (XSS) vulnerability exists in DanPros htmly 2.8.1 via the Description field in (1) admin/config, and (2) index.php pages.

CVSS Score

4.8

EPSS Score

0.002

Published

2022-03-31

CVE-2021-42868

A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 in the first_name parameter in (1) patient/insert, (2) patient_report, (3) appointment_report, (4) visit_report, and (5) bill_detail_report pages. .

CVSS Score

4.8

EPSS Score

0.002

Published

2022-03-31

CVE-2021-42869

A Cross Site Scripting (XSS) vulnerability exists in Chikista Patient Management Software 2.0.2 via the last_name parameter in the (1) patient/insert, (2) patient_report, (3) /appointment_report, (4) visit_report, and (5) /bill_detail_report pages.

CVSS Score

4.8

EPSS Score

0.002

Published

2022-03-31

CVE-2021-36625

An SQL Injection vulnerability exists in Dolibarr ERP/CRM 13.0.2 (fixed version is 14.0.0) via a POST request to the country_id parameter in an UPDATE statement.

CVSS Score

8.8

EPSS Score

0.004

Published

2022-03-31

CVE-2021-43505

Multiple Cross Site Scripting (XSS) vulnerabilities exist in Ssourcecodester Simple Client Management System v1 via (1) Add new Client and (2) Add new invoice.

CVSS Score

5.4

EPSS Score

0.002

Published

2022-03-31

CVE-2021-43506

An SQL Injection vulnerability exists in Sourcecodester Simple Client Management System 1.0 via the password parameter in Login.php.

CVSS Score

9.8

EPSS Score

0.005

Published

2022-03-31

CVE-2021-34257

Multiple Remote Code Execution (RCE) vulnerabilities exist in WPanel 4 4.3.1 and below via a malicious PHP file upload to (1) Dashboard's Avatar image, (2) Posts Folder image, (3) Pages Folder image and (4) Gallery Folder image.

CVSS Score

8.8

EPSS Score

0.009

Published

2022-03-31

Prev Next

Page 3

Vulnerabilities

Vulnerable Software

Security Vulnerabilities - CVEs Published In March 2022

Products

Pricing

Contact Us