From bc338b54a618d4cecff797b2cfbcf411b296666c Mon Sep 17 00:00:00 2001 From: security tracker role Date: Tue, 4 Jan 2022 08:10:11 +0000 Subject: automatic update --- data/CVE/2018.list | 2 +- data/CVE/2020.list | 4 +- data/CVE/2021.list | 211 ++++++++++++------------- data/CVE/2022.list | 446 ++++++++++++++++++++++++++++++++++++++++++++++++++++- 4 files changed, 554 insertions(+), 109 deletions(-) diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 05fecbe7cd..19a79fc5e3 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -25603,7 +25603,7 @@ CVE-2018-11691 (Emerson DeltaV Smart Switch Command Center application, availabl NOT-FOR-US: Emerson devices CVE-2018-11690 (The Balbooa Gridbox extension version 2.4.0 and previous versions for ...) NOT-FOR-US: Balbooa Gridbox extension for Joomla! -CVE-2018-11689 (Smart Viewer in Samsung Web Viewer for Samsung DVR is vulnerable to cr ...) +CVE-2018-11689 (Web Viewer for Hanwha DVR 2.17 and Smart Viewer in Samsung Web Viewer ...) NOT-FOR-US: Smart Viewer in Samsung Web Viewer for Samsung DVR CVE-2018-11688 (Ignite Realtime Openfire before 3.9.2 is vulnerable to cross-site scri ...) NOT-FOR-US: Ignite Realtime Openfire diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 8647c164ed..fd5798e971 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -19240,8 +19240,8 @@ CVE-2020-23028 RESERVED CVE-2020-23027 RESERVED -CVE-2020-23026 - RESERVED +CVE-2020-23026 (A NULL pointer dereference in the main() function dhry_1.c of dhryston ...) + TODO: check CVE-2020-23025 RESERVED CVE-2020-23024 diff --git a/data/CVE/2021.list b/data/CVE/2021.list index e3af063c77..978880e5c6 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -1,3 +1,5 @@ +CVE-2021-46130 + RESERVED CVE-2021-46129 RESERVED CVE-2021-46128 @@ -782,8 +784,8 @@ CVE-2021-45831 RESERVED CVE-2021-45830 RESERVED -CVE-2021-45829 - RESERVED +CVE-2021-45829 (HDF5 1.13.1-1 is affected by: segmentation fault, which causes a Denia ...) + TODO: check CVE-2021-45828 RESERVED CVE-2021-45827 @@ -806,7 +808,8 @@ CVE-2021-45819 RESERVED CVE-2021-45818 (SAFARI Montage 8.7.32 is affected by a CRLF injection vulnerability wh ...) NOT-FOR-US: SAFARI Montage -CVE-2021-45817 (Web Viewer for Hanwha DVR version 2.17 is affected by a Cross Site Scr ...) +CVE-2021-45817 + REJECTED NOT-FOR-US: Web Viewer for Hanwha DVR CVE-2021-45816 RESERVED @@ -5579,8 +5582,8 @@ CVE-2021-43944 RESERVED CVE-2021-43943 RESERVED -CVE-2021-43942 - RESERVED +CVE-2021-43942 (Affected versions of Atlassian Jira Server and Data Center allow remot ...) + TODO: check CVE-2021-43941 RESERVED CVE-2021-43940 @@ -15088,56 +15091,56 @@ CVE-2021-39992 RESERVED CVE-2021-39991 RESERVED -CVE-2021-39990 - RESERVED -CVE-2021-39989 - RESERVED -CVE-2021-39988 - RESERVED -CVE-2021-39987 - RESERVED +CVE-2021-39990 (The screen lock module has a Stack-based Buffer Overflow vulnerability ...) + TODO: check +CVE-2021-39989 (The HwNearbyMain module has a Exposure of Sensitive Information to an ...) + TODO: check +CVE-2021-39988 (The HwNearbyMain module has a NULL Pointer Dereference vulnerability.S ...) + TODO: check +CVE-2021-39987 (The HwNearbyMain module has a Data Processing Errors vulnerability.Suc ...) + TODO: check CVE-2021-39986 RESERVED -CVE-2021-39985 - RESERVED -CVE-2021-39984 - RESERVED -CVE-2021-39983 - RESERVED -CVE-2021-39982 - RESERVED -CVE-2021-39981 - RESERVED -CVE-2021-39980 - RESERVED -CVE-2021-39979 - RESERVED -CVE-2021-39978 - RESERVED -CVE-2021-39977 - RESERVED +CVE-2021-39985 (The HwNearbyMain module has a Improper Validation of Array Index vulne ...) + TODO: check +CVE-2021-39984 (Huawei idap module has a Out-of-bounds Read vulnerability.Successful e ...) + TODO: check +CVE-2021-39983 (The HwNearbyMain module has a Data Processing Errors vulnerability.Suc ...) + TODO: check +CVE-2021-39982 (Phone Manager application has a Improper Privilege Management vulnerab ...) + TODO: check +CVE-2021-39981 (Chang Lian application has a vulnerability which can be maliciously ex ...) + TODO: check +CVE-2021-39980 (Telephony application has a Exposure of Sensitive Information to an Un ...) + TODO: check +CVE-2021-39979 (HHEE system has a Code Injection vulnerability.Successful exploitation ...) + TODO: check +CVE-2021-39978 (Telephony application has a SQL Injection vulnerability.Successful exp ...) + TODO: check +CVE-2021-39977 (The HwNearbyMain module has a NULL Pointer Dereference vulnerability.S ...) + TODO: check CVE-2021-39976 (There is a privilege escalation vulnerability in CloudEngine 5800 V200 ...) NOT-FOR-US: Huawei -CVE-2021-39975 - RESERVED -CVE-2021-39974 - RESERVED -CVE-2021-39973 - RESERVED -CVE-2021-39972 - RESERVED -CVE-2021-39971 - RESERVED -CVE-2021-39970 - RESERVED -CVE-2021-39969 - RESERVED -CVE-2021-39968 - RESERVED -CVE-2021-39967 - RESERVED -CVE-2021-39966 - RESERVED +CVE-2021-39975 (Hilinksvc has a Data Processing Errors vulnerability.Successful exploi ...) + TODO: check +CVE-2021-39974 (There is an Out-of-bounds read in Smartphones.Successful exploitation ...) + TODO: check +CVE-2021-39973 (There is a Null pointer dereference in Smartphones.Successful exploita ...) + TODO: check +CVE-2021-39972 (MyHuawei-App has a Exposure of Sensitive Information to an Unauthorize ...) + TODO: check +CVE-2021-39971 (Password vault has a External Control of System or Configuration Setti ...) + TODO: check +CVE-2021-39970 (HwPCAssistant has a Improper Input Validation vulnerability.Successful ...) + TODO: check +CVE-2021-39969 (There is an Unauthorized file access vulnerability in Smartphones.Succ ...) + TODO: check +CVE-2021-39968 (Changlian Blocklist has a Business Logic Errors vulnerability .Success ...) + TODO: check +CVE-2021-39967 (There is a Vulnerability of obtaining broadcast information improperly ...) + TODO: check +CVE-2021-39966 (There is an Uninitialized AOD driver structure in Smartphones.Successf ...) + TODO: check CVE-2021-39965 RESERVED CVE-2021-39964 @@ -18419,8 +18422,8 @@ CVE-2021-38578 RESERVED CVE-2021-38577 RESERVED -CVE-2021-38576 - RESERVED +CVE-2021-38576 (A BIOS bug in firmware for a particular PC model leaves the Platform a ...) + TODO: check CVE-2021-38575 (NetworkPkg/IScsiDxe has remotely exploitable buffer overflows. ...) - edk2 2021.08-1 [bullseye] - edk2 (Minor issue) @@ -21998,56 +22001,56 @@ CVE-2021-37136 (The Bzip2 decompression decoder function doesn't allow setting s NOTE: Fixed by: https://github.com/netty/netty/commit/41d3d61a61608f2223bb364955ab2045dd5e4020 (netty-4.1.68.Final) CVE-2021-37135 RESERVED -CVE-2021-37134 - RESERVED -CVE-2021-37133 - RESERVED -CVE-2021-37132 - RESERVED +CVE-2021-37134 (Location-related APIs exists a Race Condition vulnerability.Successful ...) + TODO: check +CVE-2021-37133 (There is an Unauthorized file access vulnerability in Smartphones.Succ ...) + TODO: check +CVE-2021-37132 (PackageManagerService has a Permissions, Privileges, and Access Contro ...) + TODO: check CVE-2021-37131 (There is a CSV injection vulnerability in ManageOne, iManager NetEco a ...) NOT-FOR-US: Huawei CVE-2021-37130 (There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The ...) NOT-FOR-US: Huawei CVE-2021-37129 (There is an out of bounds write vulnerability in some Huawei products. ...) NOT-FOR-US: Huawei -CVE-2021-37128 - RESERVED +CVE-2021-37128 (HwPCAssistant has a Path Traversal vulnerability .Successful exploitat ...) + TODO: check CVE-2021-37127 (There is a signature management vulnerability in some huawei products. ...) NOT-FOR-US: Huawei -CVE-2021-37126 - RESERVED -CVE-2021-37125 - RESERVED +CVE-2021-37126 (Arbitrary file has a Exposure of Sensitive Information to an Unauthori ...) + TODO: check +CVE-2021-37125 (Arbitrary file has a Exposure of Sensitive Information to an Unauthori ...) + TODO: check CVE-2021-37124 (There is a path traversal vulnerability in Huawei PC product. Because ...) NOT-FOR-US: Huawei CVE-2021-37123 (There is an improper authentication vulnerability in Hero-CT060 before ...) NOT-FOR-US: Hero-CT060 CVE-2021-37122 (There is a use-after-free (UAF) vulnerability in Huawei products. An a ...) NOT-FOR-US: Huawei -CVE-2021-37121 - RESERVED -CVE-2021-37120 - RESERVED -CVE-2021-37119 - RESERVED -CVE-2021-37118 - RESERVED -CVE-2021-37117 - RESERVED -CVE-2021-37116 - RESERVED +CVE-2021-37121 (There is a Configuration defects in Smartphone.Successful exploitation ...) + TODO: check +CVE-2021-37120 (There is a Double free vulnerability in Smartphone.Successful exploita ...) + TODO: check +CVE-2021-37119 (There is a Service logic vulnerability in Smartphone.Successful exploi ...) + TODO: check +CVE-2021-37118 (The HwNearbyMain module has a Improper Handling of Exceptional Conditi ...) + TODO: check +CVE-2021-37117 (There is a Service logic vulnerability in Smartphone.Successful exploi ...) + TODO: check +CVE-2021-37116 (PCManager has a Weaknesses Introduced During Design vulnerability .Suc ...) + TODO: check CVE-2021-37115 RESERVED -CVE-2021-37114 - RESERVED -CVE-2021-37113 - RESERVED -CVE-2021-37112 - RESERVED -CVE-2021-37111 - RESERVED -CVE-2021-37110 - RESERVED +CVE-2021-37114 (There is an Out-of-bounds read vulnerability in Smartphone.Successful ...) + TODO: check +CVE-2021-37113 (There is a Privilege escalation vulnerability with the file system com ...) + TODO: check +CVE-2021-37112 (Hisuite module has a External Control of System or Configuration Setti ...) + TODO: check +CVE-2021-37111 (There is a Memory leakage vulnerability in Smartphone.Successful explo ...) + TODO: check +CVE-2021-37110 (There is a Timing design defects in Smartphone.Successful exploitation ...) + TODO: check CVE-2021-37109 RESERVED CVE-2021-37108 @@ -22070,8 +22073,8 @@ CVE-2021-37100 (There is a Improper Authentication vulnerability in Huawei Smart NOT-FOR-US: Huawei CVE-2021-37099 (There is a Path Traversal vulnerability in Huawei Smartphone.Successfu ...) NOT-FOR-US: Huawei -CVE-2021-37098 - RESERVED +CVE-2021-37098 (Hilinksvc service exists a Data Processing Errors vulnerability .Succe ...) + TODO: check CVE-2021-37097 (There is a Code Injection vulnerability in Huawei Smartphone.Successfu ...) NOT-FOR-US: Huawei CVE-2021-37096 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) @@ -54798,7 +54801,7 @@ CVE-2021-23465 RESERVED CVE-2021-23464 RESERVED -CVE-2021-23463 (The package com.h2database:h2 from 0 and before 2.0.202 are vulnerable ...) +CVE-2021-23463 (The package com.h2database:h2 from 1.4.198 and before 2.0.202 are vuln ...) TODO: check CVE-2021-23462 RESERVED @@ -61055,16 +61058,16 @@ CVE-2021-20874 (Incorrect permission assignment for critical resource vulnerabil NOT-FOR-US: GroupSession CVE-2021-20873 (Yappli is an application development platform which provides the funct ...) TODO: check -CVE-2021-20872 - RESERVED -CVE-2021-20871 - RESERVED -CVE-2021-20870 - RESERVED -CVE-2021-20869 - RESERVED -CVE-2021-20868 - RESERVED +CVE-2021-20872 (Protection mechanism failure vulnerability in KONICA MINOLTA bizhub se ...) + TODO: check +CVE-2021-20871 (Exposure of sensitive information to an unauthorized actor vulnerabili ...) + TODO: check +CVE-2021-20870 (Improper handling of exceptional conditions vulnerability in KONICA MI ...) + TODO: check +CVE-2021-20869 (Exposure of sensitive information to an unauthorized actor vulnerabili ...) + TODO: check +CVE-2021-20868 (Incorrect authorization vulnerability in KONICA MINOLTA bizhub series ...) + TODO: check CVE-2021-20867 (Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fiel ...) NOT-FOR-US: WordPress plugin CVE-2021-20866 (Advanced Custom Fields versions prior to 5.11 and Advanced Custom Fiel ...) @@ -62975,10 +62978,10 @@ CVE-2021-20150 (Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses NOT-FOR-US: Trendnet CVE-2021-20149 (Trendnet AC2600 TEW-827DRU version 2.08B01 does not have sufficient ac ...) NOT-FOR-US: Trendnet -CVE-2021-20148 - RESERVED -CVE-2021-20147 - RESERVED +CVE-2021-20148 (ManageEngine ADSelfService Plus below build 6116 stores the password p ...) + TODO: check +CVE-2021-20147 (ManageEngine ADSelfService Plus below build 6116 contains an observabl ...) + TODO: check CVE-2021-20146 (An unprotected ssh private key exists on the Gryphon devices which cou ...) NOT-FOR-US: Gryphon Tower routers CVE-2021-20145 (Gryphon Tower routers contain an unprotected openvpn configuration fil ...) diff --git a/data/CVE/2022.list b/data/CVE/2022.list index 1cbe0c7da1..1fb478de1f 100644 --- a/data/CVE/2022.list +++ b/data/CVE/2022.list @@ -1,3 +1,445 @@ +CVE-2022-22526 + RESERVED +CVE-2022-22525 + RESERVED +CVE-2022-22524 + RESERVED +CVE-2022-22523 + RESERVED +CVE-2022-22522 + RESERVED +CVE-2022-22521 + RESERVED +CVE-2022-22520 + RESERVED +CVE-2022-22519 + RESERVED +CVE-2022-22518 + RESERVED +CVE-2022-22517 + RESERVED +CVE-2022-22516 + RESERVED +CVE-2022-22515 + RESERVED +CVE-2022-22514 + RESERVED +CVE-2022-22513 + RESERVED +CVE-2022-22512 + RESERVED +CVE-2022-22511 + RESERVED +CVE-2022-22510 + RESERVED +CVE-2022-22509 + RESERVED +CVE-2022-22508 + RESERVED +CVE-2022-22507 + RESERVED +CVE-2022-22506 + RESERVED +CVE-2022-22505 + RESERVED +CVE-2022-22504 + RESERVED +CVE-2022-22503 + RESERVED +CVE-2022-22502 + RESERVED +CVE-2022-22501 + RESERVED +CVE-2022-22500 + RESERVED +CVE-2022-22499 + RESERVED +CVE-2022-22498 + RESERVED +CVE-2022-22497 + RESERVED +CVE-2022-22496 + RESERVED +CVE-2022-22495 + RESERVED +CVE-2022-22494 + RESERVED +CVE-2022-22493 + RESERVED +CVE-2022-22492 + RESERVED +CVE-2022-22491 + RESERVED +CVE-2022-22490 + RESERVED +CVE-2022-22489 + RESERVED +CVE-2022-22488 + RESERVED +CVE-2022-22487 + RESERVED +CVE-2022-22486 + RESERVED +CVE-2022-22485 + RESERVED +CVE-2022-22484 + RESERVED +CVE-2022-22483 + RESERVED +CVE-2022-22482 + RESERVED +CVE-2022-22481 + RESERVED +CVE-2022-22480 + RESERVED +CVE-2022-22479 + RESERVED +CVE-2022-22478 + RESERVED +CVE-2022-22477 + RESERVED +CVE-2022-22476 + RESERVED +CVE-2022-22475 + RESERVED +CVE-2022-22474 + RESERVED +CVE-2022-22473 + RESERVED +CVE-2022-22472 + RESERVED +CVE-2022-22471 + RESERVED +CVE-2022-22470 + RESERVED +CVE-2022-22469 + RESERVED +CVE-2022-22468 + RESERVED +CVE-2022-22467 + RESERVED +CVE-2022-22466 + RESERVED +CVE-2022-22465 + RESERVED +CVE-2022-22464 + RESERVED +CVE-2022-22463 + RESERVED +CVE-2022-22462 + RESERVED +CVE-2022-22461 + RESERVED +CVE-2022-22460 + RESERVED +CVE-2022-22459 + RESERVED +CVE-2022-22458 + RESERVED +CVE-2022-22457 + RESERVED +CVE-2022-22456 + RESERVED +CVE-2022-22455 + RESERVED +CVE-2022-22454 + RESERVED +CVE-2022-22453 + RESERVED +CVE-2022-22452 + RESERVED +CVE-2022-22451 + RESERVED +CVE-2022-22450 + RESERVED +CVE-2022-22449 + RESERVED +CVE-2022-22448 + RESERVED +CVE-2022-22447 + RESERVED +CVE-2022-22446 + RESERVED +CVE-2022-22445 + RESERVED +CVE-2022-22444 + RESERVED +CVE-2022-22443 + RESERVED +CVE-2022-22442 + RESERVED +CVE-2022-22441 + RESERVED +CVE-2022-22440 + RESERVED +CVE-2022-22439 + RESERVED +CVE-2022-22438 + RESERVED +CVE-2022-22437 + RESERVED +CVE-2022-22436 + RESERVED +CVE-2022-22435 + RESERVED +CVE-2022-22434 + RESERVED +CVE-2022-22433 + RESERVED +CVE-2022-22432 + RESERVED +CVE-2022-22431 + RESERVED +CVE-2022-22430 + RESERVED +CVE-2022-22429 + RESERVED +CVE-2022-22428 + RESERVED +CVE-2022-22427 + RESERVED +CVE-2022-22426 + RESERVED +CVE-2022-22425 + RESERVED +CVE-2022-22424 + RESERVED +CVE-2022-22423 + RESERVED +CVE-2022-22422 + RESERVED +CVE-2022-22421 + RESERVED +CVE-2022-22420 + RESERVED +CVE-2022-22419 + RESERVED +CVE-2022-22418 + RESERVED +CVE-2022-22417 + RESERVED +CVE-2022-22416 + RESERVED +CVE-2022-22415 + RESERVED +CVE-2022-22414 + RESERVED +CVE-2022-22413 + RESERVED +CVE-2022-22412 + RESERVED +CVE-2022-22411 + RESERVED +CVE-2022-22410 + RESERVED +CVE-2022-22409 + RESERVED +CVE-2022-22408 + RESERVED +CVE-2022-22407 + RESERVED +CVE-2022-22406 + RESERVED +CVE-2022-22405 + RESERVED +CVE-2022-22404 + RESERVED +CVE-2022-22403 + RESERVED +CVE-2022-22402 + RESERVED +CVE-2022-22401 + RESERVED +CVE-2022-22400 + RESERVED +CVE-2022-22399 + RESERVED +CVE-2022-22398 + RESERVED +CVE-2022-22397 + RESERVED +CVE-2022-22396 + RESERVED +CVE-2022-22395 + RESERVED +CVE-2022-22394 + RESERVED +CVE-2022-22393 + RESERVED +CVE-2022-22392 + RESERVED +CVE-2022-22391 + RESERVED +CVE-2022-22390 + RESERVED +CVE-2022-22389 + RESERVED +CVE-2022-22388 + RESERVED +CVE-2022-22387 + RESERVED +CVE-2022-22386 + RESERVED +CVE-2022-22385 + RESERVED +CVE-2022-22384 + RESERVED +CVE-2022-22383 + RESERVED +CVE-2022-22382 + RESERVED +CVE-2022-22381 + RESERVED +CVE-2022-22380 + RESERVED +CVE-2022-22379 + RESERVED +CVE-2022-22378 + RESERVED +CVE-2022-22377 + RESERVED +CVE-2022-22376 + RESERVED +CVE-2022-22375 + RESERVED +CVE-2022-22374 + RESERVED +CVE-2022-22373 + RESERVED +CVE-2022-22372 + RESERVED +CVE-2022-22371 + RESERVED +CVE-2022-22370 + RESERVED +CVE-2022-22369 + RESERVED +CVE-2022-22368 + RESERVED +CVE-2022-22367 + RESERVED +CVE-2022-22366 + RESERVED +CVE-2022-22365 + RESERVED +CVE-2022-22364 + RESERVED +CVE-2022-22363 + RESERVED +CVE-2022-22362 + RESERVED +CVE-2022-22361 + RESERVED +CVE-2022-22360 + RESERVED +CVE-2022-22359 + RESERVED +CVE-2022-22358 + RESERVED +CVE-2022-22357 + RESERVED +CVE-2022-22356 + RESERVED +CVE-2022-22355 + RESERVED +CVE-2022-22354 + RESERVED +CVE-2022-22353 + RESERVED +CVE-2022-22352 + RESERVED +CVE-2022-22351 + RESERVED +CVE-2022-22350 + RESERVED +CVE-2022-22349 + RESERVED +CVE-2022-22348 + RESERVED +CVE-2022-22347 + RESERVED +CVE-2022-22346 + RESERVED +CVE-2022-22345 + RESERVED +CVE-2022-22344 + RESERVED +CVE-2022-22343 + RESERVED +CVE-2022-22342 + RESERVED +CVE-2022-22341 + RESERVED +CVE-2022-22340 + RESERVED +CVE-2022-22339 + RESERVED +CVE-2022-22338 + RESERVED +CVE-2022-22337 + RESERVED +CVE-2022-22336 + RESERVED +CVE-2022-22335 + RESERVED +CVE-2022-22334 + RESERVED +CVE-2022-22333 + RESERVED +CVE-2022-22332 + RESERVED +CVE-2022-22331 + RESERVED +CVE-2022-22330 + RESERVED +CVE-2022-22329 + RESERVED +CVE-2022-22328 + RESERVED +CVE-2022-22327 + RESERVED +CVE-2022-22326 + RESERVED +CVE-2022-22325 + RESERVED +CVE-2022-22324 + RESERVED +CVE-2022-22323 + RESERVED +CVE-2022-22322 + RESERVED +CVE-2022-22321 + RESERVED +CVE-2022-22320 + RESERVED +CVE-2022-22319 + RESERVED +CVE-2022-22318 + RESERVED +CVE-2022-22317 + RESERVED +CVE-2022-22316 + RESERVED +CVE-2022-22315 + RESERVED +CVE-2022-22314 + RESERVED +CVE-2022-22313 + RESERVED +CVE-2022-22312 + RESERVED +CVE-2022-22311 + RESERVED +CVE-2022-22310 + RESERVED +CVE-2022-22309 + RESERVED +CVE-2022-22308 + RESERVED +CVE-2022-22307 + RESERVED +CVE-2022-0087 + RESERVED CVE-2022-22306 RESERVED CVE-2022-22305 @@ -30,8 +472,8 @@ CVE-2022-0085 RESERVED CVE-2022-0084 RESERVED -CVE-2022-0083 - RESERVED +CVE-2022-0083 (livehelperchat is vulnerable to Generation of Error Message Containing ...) + TODO: check CVE-2022-0082 RESERVED CVE-2022-22293 (admin/limits.php in Dolibarr 7.0.2 allows HTML injection, as demonstra ...) -- cgit v1.2.3