Vulnerabilities > Exceedone > Laravel Admin

DATE CVE VULNERABILITY TITLE RISK
2022-08-24 CVE-2022-37333 SQL Injection vulnerability in Exceedone Exment
SQL injection vulnerability in the Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier) allows remote authenticated attackers to execute arbitrary SQL commands.
network
low complexity
exceedone CWE-89
8.8
8.8
2022-08-24 CVE-2022-38080 Cross-site Scripting vulnerability in Exceedone Exment
Reflected cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier) allows a remote authenticated attacker to inject an arbitrary script.
network
low complexity
exceedone CWE-79
5.4
5.4
2022-08-24 CVE-2022-38089 Cross-site Scripting vulnerability in Exceedone Exment
Stored cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier) allows a remote authenticated attacker to inject an arbitrary script.
network
low complexity
exceedone CWE-79
5.4
5.4