Vulnerabilities > Rukovoditel

DATE CVE VULNERABILITY TITLE RISK
2023-01-30 CVE-2022-48175 Code Injection vulnerability in Rukovoditel 3.2.1
Rukovoditel v3.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the component /rukovoditel/index.php?module=dashboard/ajax_request.
network
low complexity
rukovoditel CWE-94
critical
9.8
2022-12-05 CVE-2022-45020 Cross-site Scripting vulnerability in Rukovoditel 3.2.1
Rukovoditel v3.2.1 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability in the component /rukovoditel/index.php?module=users/login.
network
low complexity
rukovoditel CWE-79
8.8
2022-12-02 CVE-2022-44944 Cross-site Scripting vulnerability in Rukovoditel 3.2.1
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Announcement function at /index.php?module=help_pages/pages&entities_id=24.
network
low complexity
rukovoditel CWE-79
5.4
2022-12-02 CVE-2022-44945 SQL Injection vulnerability in Rukovoditel 3.2.1
Rukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the heading_field_id parameter.
network
low complexity
rukovoditel CWE-89
critical
9.8
2022-12-02 CVE-2022-44946 Cross-site Scripting vulnerability in Rukovoditel 3.2.1
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Page function at /index.php?module=help_pages/pages&entities_id=24.
network
low complexity
rukovoditel CWE-79
5.4
2022-12-02 CVE-2022-44947 Cross-site Scripting vulnerability in Rukovoditel 3.2.1
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Highlight Row feature at /index.php?module=entities/listing_types&entities_id=24.
network
low complexity
rukovoditel CWE-79
5.4
2022-12-02 CVE-2022-44948 Cross-site Scripting vulnerability in Rukovoditel 3.2.1
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Entities Group feature at/index.php?module=entities/entities_groups.
network
low complexity
rukovoditel CWE-79
5.4
2022-12-02 CVE-2022-44949 Cross-site Scripting vulnerability in Rukovoditel 3.2.1
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24.
network
low complexity
rukovoditel CWE-79
5.4
2022-12-02 CVE-2022-44950 Cross-site Scripting vulnerability in Rukovoditel 3.2.1
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24.
network
low complexity
rukovoditel CWE-79
5.4
2022-12-02 CVE-2022-44951 Cross-site Scripting vulnerability in Rukovoditel 3.2.1
Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Form tab function at /index.php?module=entities/forms&entities_id=24.
network
low complexity
rukovoditel CWE-79
5.4