CVSS: 8.1EPSS: 0%CPEs: 1EXPL: 0CVE-2022-39287 – Plaintext transmission of CSRF tokens in tiny-csrf
https://notcve.org/view.php?id=CVE-2022-39287
tiny-csrf is a Node.js cross site request forgery (CSRF) protection middleware. In versions prior to 1.1.0 cookies were not encrypted and thus CSRF tokens were transmitted in the clear. This issue has been addressed in commit `8eead6d` and the patch with be included in version 1.1.0. Users are advised to upgrade. There are no known workarounds for this issue. tiny-csrf es un middleware de protección contra ataques de tipo cross site request forgery (CSRF) de Node.js. • https://github.com/valexandersaulys/tiny-csrf/commit/8eead6da3b56e290512bbe8d20c2c5df3be317ba https://github.com/valexandersaulys/tiny-csrf/security/advisories/GHSA-pj2c-h76w-vv6f • CWE-319: Cleartext Transmission of Sensitive Information •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 2CVE-2022-21169 – Prototype Pollution
https://notcve.org/view.php?id=CVE-2022-21169
The package express-xss-sanitizer before 1.1.3 are vulnerable to Prototype Pollution via the allowedTags attribute, allowing the attacker to bypass xss sanitization. El paquete express-xss-sanitizer versiones anteriores a 1.1.3, es vulnerable a una Contaminación de Prototipos por medio del atributo allowedTags, permitiendo al atacante omitir el saneo de tipo xss. • https://github.com/AhmedAdelFahim/express-xss-sanitizer/commit/3bf8aaaf4dbb1c209dcb8d87a82711a54c1ab39a https://github.com/AhmedAdelFahim/express-xss-sanitizer/issues/4 https://runkit.com/embed/w306l6zfm7tu https://security.snyk.io/vuln/SNYK-JS-EXPRESSXSSSANITIZER-3027443 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3119 – OAuth client Single Sign On for WordPress < 3.0.4 - Unauthenticated Settings Update to Authentication Bypass
https://notcve.org/view.php?id=CVE-2022-3119
The OAuth client Single Sign On WordPress plugin before 3.0.4 does not have authorisation and CSRF when updating its settings, which could allow unauthenticated attackers to update them and change the OAuth endpoints to ones they controls, allowing them to then be authenticated as admin if they know the correct email address El cliente OAuth Single Sign On plugin de WordPress versiones anteriores a 3.0.4, no presenta autorización y de tipo CSRF cuando es actualizada su configuración, lo que podría permitir a atacantes no autenticados actualizarlos y cambiar los endpoints OAuth a los que ellos controlan, permitiéndoles entonces ser autenticados como admin si conocen la dirección de correo electrónico correcta The OAuth client Single Sign On for WordPress ( OAuth 2.0 SSO ) plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the save_oauthclient_config() function that is hooked via 'init' in versions up to, and including, 3.0.3. This makes it possible for unauthenticated attackers to modify the plugin's oAuth settings which could lead to unauthorized and high privileged access to a vulnerable site. • https://wpscan.com/vulnerability/55b83cee-a8a5-4f9d-a976-a3eed9a558e5 • CWE-287: Improper Authentication CWE-352: Cross-Site Request Forgery (CSRF) CWE-862: Missing Authorization •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29747
https://notcve.org/view.php?id=CVE-2022-29747
Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/manage_invoice&id= // Leak place ---> id. Simple Client Management System versión 1.0, es vulnerable a una inyección SQL por medio de /cms/admin/?page=invoice/manage_invoice&id= // Lugar de Filtrado ---> id • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/simple-client-management-system/SQLi-2.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-29748
https://notcve.org/view.php?id=CVE-2022-29748
Simple Client Management System 1.0 is vulnerable to SQL Injection via \cms\admin?page=client/manage_client&id=. Simple Client Management System versión 1.0, es vulnerable a una inyección SQL por medio de \cms\admin?page=client/manage_client&id= • https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/simple-client-management-system/SQLi-1.md • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •