Vulnerabilities > Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-18	CVE-2021-30071	Cross-site Scripting vulnerability in Hestiacp A cross-site scripting (XSS) vulnerability in /admin/list_key.html of HestiaCP before v1.3.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. network hestiacp CWE-79	4.3
2022-07-27	CVE-2022-36880	Cross-site Scripting vulnerability in Webmin Usermin The Read Mail module in Webmin 1.995 and Usermin through 1.850 allows XSS via a crafted HTML e-mail message. network webmin CWE-79	4.3
2022-07-17	CVE-2022-26352	Unrestricted Upload of File with Dangerous Type vulnerability in Dotcms An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. network dotcms CWE-434	6.8
2022-07-17	CVE-2022-29286	Allocation of Resources Without Limits or Throttling vulnerability in Pexip Infinity Pexip Infinity 27 before 28.0 allows remote attackers to trigger excessive resource consumption and termination because of registrar resource mishandling. network low complexity pexip CWE-770	5.0
2022-07-17	CVE-2022-25357	Exposure of Resource to Wrong Sphere vulnerability in Pexip Infinity 27.0/27.1 Pexip Infinity 27.x before 27.2 has Improper Access Control. network low complexity pexip CWE-668	5.0
2022-07-17	CVE-2022-26654	Injection vulnerability in Pexip Infinity Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP. network low complexity pexip CWE-74	5.0
2022-07-17	CVE-2022-26655	Improper Input Validation vulnerability in Pexip Infinity 27.0/27.1/27.2 Pexip Infinity 27.x before 27.3 has Improper Input Validation. network low complexity pexip CWE-20	5.0
2022-07-17	CVE-2022-26656	Unspecified vulnerability in Pexip Infinity Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join. network low complexity pexip	6.4
2022-07-17	CVE-2022-26657	Unspecified vulnerability in Pexip Infinity Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. network low complexity pexip	5.0
2022-07-17	CVE-2022-27928	Unspecified vulnerability in Pexip Infinity 27.0/27.1/27.2 Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. network low complexity pexip	5.0

Vulnerabilities > Medium {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Medium"}]}

Vulnerabilities > Medium