CVSS: 5.5EPSS: 2%CPEs: 1EXPL: 2CVE-2022-43117
https://notcve.org/view.php?id=CVE-2022-43117
21 Nov 2022 — Sourcecodester Password Storage Application in PHP/OOP and MySQL 1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the Name, Username, Description and Site Feature parameters. Se descubrió que la aplicación de almacenamiento de contraseñas Sourcecodester en PHP/OOP y MySQL 1.0 contiene múltiples vulnerabilidades de cross-site scripting (XSS) a través de los parámetros Nombre, Nombre de usuario, Descripción y Característica del sitio. • https://github.com/RashidKhanPathan/CVE-2022-43117 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 1CVE-2022-43142
https://notcve.org/view.php?id=CVE-2022-43142
17 Nov 2022 — A cross-site scripting (XSS) vulnerability in the add-fee.php component of Password Storage Application v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the cmddept parameter. Una vulnerabilidad de Cross-Site Scripting (XSS) en el componente add-fee.php de Password Storage Application v1.0 permite a los atacantes ejecutars scripts web o HTML arbitrarios a través de un payload manipulado inyectado en el parámetro cmddept. • https://github.com/TongJinBo/BugReport/blob/main/XssBug.md • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2022-42993
https://notcve.org/view.php?id=CVE-2022-42993
27 Oct 2022 — Password Storage Application v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Setup page. Se descubrió que Password Storage Application v1.0 contiene una vulnerabilidad de Cross-Site Scripting (XSS) a través de la página de Setup. • http://oretnom23.com • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •