Rukovoditel

Rukovoditel

52 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2022-44946

Exploit
  • EPSS 1.09%
  • Veröffentlicht 02.12.2022 20:15:14
  • Zuletzt bearbeitet 24.04.2025 14:15:39

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Page function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML...

5.4

CVE-2022-44948

Exploit
  • EPSS 1.72%
  • Veröffentlicht 02.12.2022 20:15:14
  • Zuletzt bearbeitet 24.04.2025 14:15:39

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Entities Group feature at/index.php?module=entities/entities_groups. This vulnerability allows attackers to execute arbitrary web scripts or HTML vi...

5.4

CVE-2022-44949

Exploit
  • EPSS 1.8%
  • Veröffentlicht 02.12.2022 20:15:14
  • Zuletzt bearbeitet 24.04.2025 14:15:40

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or ...

5.4

CVE-2022-44950

Exploit
  • EPSS 1.8%
  • Veröffentlicht 02.12.2022 20:15:14
  • Zuletzt bearbeitet 24.04.2025 14:15:40

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or ...

5.4

CVE-2022-44951

Exploit
  • EPSS 1.72%
  • Veröffentlicht 02.12.2022 20:15:14
  • Zuletzt bearbeitet 24.04.2025 20:15:27

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Form tab function at /index.php?module=entities/forms&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts o...

5.4

CVE-2022-44952

Exploit
  • EPSS 1.76%
  • Veröffentlicht 02.12.2022 20:15:14
  • Zuletzt bearbeitet 24.04.2025 20:15:28

Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in /index.php?module=configuration/application. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected...

8.8

CVE-2022-43288

Exploit
  • EPSS 0.31%
  • Veröffentlicht 14.11.2022 15:16:22
  • Zuletzt bearbeitet 30.04.2025 19:15:52

Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the order_by parameter at /rukovoditel/index.php?module=logs/view&type=php.

5.4

CVE-2022-43170

Exploit
  • EPSS 5.44%
  • Veröffentlicht 28.10.2022 17:15:27
  • Zuletzt bearbeitet 07.05.2025 15:15:55

A stored cross-site scripting (XSS) vulnerability in the Dashboard Configuration feature (index.php?module=dashboard_configure/index) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload ...

5.4

CVE-2022-43169

Exploit
  • EPSS 7.33%
  • Veröffentlicht 28.10.2022 17:15:27
  • Zuletzt bearbeitet 08.05.2025 20:15:25

A stored cross-site scripting (XSS) vulnerability in the Users Access Groups feature (/index.php?module=users_groups/users_groups) of Rukovoditel v3.2.1 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload inj...

9.8

CVE-2022-43168

Exploit
  • EPSS 0.65%
  • Veröffentlicht 28.10.2022 17:15:27
  • Zuletzt bearbeitet 08.05.2025 20:15:25

Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the reports_id parameter.