Daybyday CRM 2.2.0 New Task /tasks title cross site scripting

A vulnerability was found in Daybyday CRM 2.2.0 (Customer Relationship Management System). It has been declared as problematic. This vulnerability affects an unknown code of the file /tasks of the component New Task Handler. Applying the patch 002dc75f400cf307bd00b71a5a93f1e26e52cee2 is able to eliminate this problem. The bugfix is ready for download at github.com.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-32405 : SOURCECODESTER PRISON MANAGEMENT SYSTEM 1.0 VIEW_PRISON.PHP ID SQL INJECTION

CVE-2022-32405 : SOURCECODESTER PRISON MANAGEMENT SYSTEM 1.0 VIEW_PRISON.PHP ID SQL INJECTION

Description Prison Management System v1.0 was discovered to contain a SQL injection vulnerability via the ‘id’ parameter at /pms/admin/prisons/view_prison.php:4 References

CVE-2022-20651 : CISCO ADAPTIVE SECURITY DEVICE MANAGER LOG FILE

CVE-2022-20651 : CISCO ADAPTIVE SECURITY DEVICE MANAGER LOG FILE

Description A vulnerability in the logging component of Cisco Adaptive Security Device Manager (ASDM) could allow an authenticated, local attacker