|
6041
|
6.1 |
MEDIUM
Network
|
-
|
-
|
uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the orders/myOrders module. The date_created, date_from, date_to, and created_at parameters in the filter functionality ar…
|
CWE-79
Cross-site Scripting
|
CVE-2022-50962
|
2026-05-12 23:24 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6042
|
6.1 |
MEDIUM
Network
|
-
|
-
|
uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/active module. The date_created, date_from, date_to, and created_at parameters in the filte…
|
CWE-79
Cross-site Scripting
|
CVE-2022-50963
|
2026-05-12 23:24 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6043
|
6.1 |
MEDIUM
Network
|
-
|
-
|
uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/loose module. The date_created, date_from, date_to, and created_at parameters in the filter…
|
CWE-79
Cross-site Scripting
|
CVE-2022-50964
|
2026-05-12 23:24 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6044
|
6.1 |
MEDIUM
Network
|
-
|
-
|
uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the posts/manage module. The date_created, date_from, date_to, and created_at parameters in the filter functionality are n…
|
CWE-79
Cross-site Scripting
|
CVE-2022-50965
|
2026-05-12 23:24 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6045
|
6.1 |
MEDIUM
Network
|
-
|
-
|
uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the news/manage module. The date_created, date_from, date_to, and created_at parameters in the filter functionality are no…
|
CWE-79
Cross-site Scripting
|
CVE-2022-50966
|
2026-05-12 23:24 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6046
|
6.1 |
MEDIUM
Network
|
-
|
-
|
uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the tickets/manage module. The date_created, date_from, date_to, and created_at parameters in the filter functionality are…
|
CWE-79
Cross-site Scripting
|
CVE-2022-50967
|
2026-05-12 23:24 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6047
|
6.1 |
MEDIUM
Network
|
-
|
-
|
uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/manage module. The date_created, date_from, date_to, and created_at parameters in the filter functionality ar…
|
CWE-79
Cross-site Scripting
|
CVE-2022-50968
|
2026-05-12 23:24 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6048
|
6.1 |
MEDIUM
Network
|
-
|
-
|
uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the backend/mailingLog/manage module. The date_created, date_from, date_to, and created_at parameters in the filter functi…
|
CWE-79
Cross-site Scripting
|
CVE-2022-50969
|
2026-05-12 23:24 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6049
|
5.4 |
MEDIUM
Network
|
-
|
-
|
WordPress Plugin AAWP 3.16 contains a reflected cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by manipulating the tab parameter. Attackers can cra…
|
CWE-79
Cross-site Scripting
|
CVE-2022-50970
|
2026-05-12 23:24 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6050
|
8.6 |
HIGH
Network
|
-
|
-
|
Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs.
Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgra…
|
CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
|
CVE-2026-41705
|
2026-05-12 23:20 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
