the-emmons/CVE-Disclosures

Releases0

A repository of details about CVE-assigned vulnerabilities reported by Ryan Emmons.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-43177 ↗	Nov 18, 2023Saturday, 18 November 2023, 00:15	9.8 CRITICAL	—
CrushFTP prior to 10.5.1 is vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes.
CVE-2022-29152 ↗	Apr 28, 2022Thursday, 28 April 2022, 13:15	6.1 MEDIUM	4.3 MEDIUM
The Ericom PowerTerm WebConnect 6.0 login portal can unsafely write an XSS payload from the AppPortal cookie into the page.