Common Vulnerabilities and Exposures (CVE)

CVE-2022-40435

Jul 5, 2026 00:10:55 UTC

Employee Performance Evaluation System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via adding new entries under the Departments and Designations module.

CVE-2022-40434

Jul 5, 2026 00:10:51 UTC

Softr v2.0 was discovered to be vulnerable to HTML injection via the Name field of the Account page.

CVE-2022-31358

Jul 5, 2026 00:10:43 UTC

A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/.

CVE-2022-44303

Jul 5, 2026 00:10:39 UTC

Resque Scheduler version 1.27.4 is vulnerable to Cross-site scripting (XSS). A remote attacker could inject javascript code to the "{schedule_job}" or "args" parameter in /resque/delayed/jobs/{schedule_job}?args={args_id} to execute javascr...

CVE-2022-38599

Jul 5, 2026 00:10:31 UTC

Teleport v3.2.2, Teleport v3.5.6-rc6, and Teleport v3.6.3-b2 was discovered to contain an information leak via the /user/get-role-list web interface.

CVE-2022-44962

Jul 5, 2026 00:10:27 UTC

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /calendar/viewcalendar.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected in...

CVE-2022-44961

Jul 5, 2026 00:10:23 UTC

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /forums/editforum.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into th...

CVE-2022-44960

Jul 5, 2026 00:10:19 UTC

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /general/search.php?searchtype=simple. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload ...

CVE-2022-44959

Jul 5, 2026 00:10:14 UTC

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /meetings/listmeetings.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected in...

CVE-2022-44957

Jul 5, 2026 00:10:10 UTC

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /clients/listclients.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into...

CVE-2022-44956

Jul 5, 2026 00:10:06 UTC

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /projects/listprojects.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected in...

CVE-2022-44955

Jul 5, 2026 00:10:02 UTC

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the Chat function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Messages field.

CVE-2022-44954

Jul 5, 2026 00:09:57 UTC

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /contacts/listcontacts.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected in...

CVE-2022-44953

Jul 5, 2026 00:09:53 UTC

webtareas 2.4p5 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /linkedcontent/listfiles.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected ...

CVE-2022-44952

Jul 5, 2026 00:09:45 UTC

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payloa...