Security Vulnerabilities - CVEs Published In March 2022
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control.
CVSS Score
7.5
EPSS Score
0.007
Published
2022-03-21
BigAnt Software BigAnt Server v5.6.06 was discovered to contain incorrect access control issues.
CVSS Score
8.8
EPSS Score
0.007
Published
2022-03-21
BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks.
CVSS Score
7.5
EPSS Score
0.735
Published
2022-03-21
BigAnt Software BigAnt Server v5.6.06 was discovered to utilize weak password hashes.
CVSS Score
5.3
EPSS Score
0.012
Published
2022-03-21
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a Cross-Site Request Forgery (CSRF).
CVSS Score
8.8
EPSS Score
0.002
Published
2022-03-21
BigAnt Software BigAnt Server v5.6.06 was discovered to contain a cross-site scripting (XSS) vulnerability.
CVSS Score
5.4
EPSS Score
0.005
Published
2022-03-21
An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).
CVSS Score
7.5
EPSS Score
0.009
Published
2022-03-21
The Amelia WordPress plugin before 1.0.47 does not sanitize and escape the code parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-03-21
The Mega Menu WordPress plugin before 3.0.8 does not sanitize and escape the _wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-03-21
The Pricing Table Builder WordPress plugin before 1.1.5 does not sanitize and escape the postid parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-03-21