Total
35377 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6900 | 1 Website Broker Script Project | 1 Website Broker Script | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name field on the My Profile page. | |||||
| CVE-2018-6891 | 1 Booking-wp-plugin | 1 Bookly | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via a jQuery.ajax request to ng-payment_details_dialog.js. | |||||
| CVE-2018-6890 | 1 Wolfcms | 1 Wolf Cms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the page editing feature, as demonstrated by /?/admin/page/edit/3. | |||||
| CVE-2018-6878 | 1 Hot Scripts Clone Project | 1 Hot Scripts Clone | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) exists in the review section in PHP Scripts Mall Hot Scripts Clone Script Classified 3.1 via the title or description field. | |||||
| CVE-2018-6870 | 1 Website Seller Script Project | 1 Website Seller Script | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature. | |||||
| CVE-2018-6868 | 1 Groupon Clone Script Project | 1 Groupon Clone Script | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) exists in PHP Scripts Mall Slickdeals / DealNews / Groupon Clone Script 3.0.2 via a User Profile Field parameter. | |||||
| CVE-2018-6866 | 1 Learning And Examination Management System Script Project | 1 Learning And Examination Management System Script | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message. | |||||
| CVE-2018-6864 | 1 Multireligion Responsive Matrimonial Project | 1 Multireligion Responsive Matrimonial | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) exists in PHP Scripts Mall Multi religion Responsive Matrimonial 4.7.2 via a user profile update parameter. | |||||
| CVE-2018-6862 | 1 Bitcoin Mlm Project | 1 Bitcoin Mlm | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) exists in PHP Scripts Mall Bitcoin MLM Software 1.0.2 via a profile field. | |||||
| CVE-2018-6861 | 1 Lawyer Search Script Project | 1 Lawyer Search Script | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) exists in PHP Scripts Mall Lawyer Search Script 1.0.2 via a profile update parameter. | |||||
| CVE-2018-6858 | 1 Facebook Clone Script Project | 1 Facebook Clone Script | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross Site Scripting (XSS) exists in PHP Scripts Mall Facebook Clone Script. | |||||
| CVE-2018-6845 | 1 Olx Clone Script Project | 1 Olx Clone Script | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| PHP Scripts Mall Multi Language Olx Clone Script 2.0.6 has XSS via the Leave Comment field. | |||||
| CVE-2018-6844 | 1 Mybb | 1 Mybb | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| MyBB 1.8.14 has XSS via the Title or Description field on the Edit Forum screen. | |||||
| CVE-2018-6842 | 1 Kentico | 1 Kentico Cms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Kentico 10 before 10.0.50 and 11 before 11.0.3 has XSS in which a crafted URL results in improper construction of a system page. | |||||
| CVE-2018-6834 | 1 Etherpad | 1 Etherpad Lite | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| static/js/pad_utils.js in Etherpad Lite before v1.6.3 has XSS via window.location.href. | |||||
| CVE-2018-6824 | 1 Cozy | 1 Cozy | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cozy version 2 has XSS allowing remote attackers to obtain administrative access via JavaScript code in the url parameter to the /api/proxy URI, as demonstrated by an XMLHttpRequest call with an 'email:"attacker@example.com"' request, which can be followed by a password reset. | |||||
| CVE-2018-6811 | 1 Citrix | 2 Netscaler Application Delivery Controller Firmware, Netscaler Gateway Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web script or HTML via the Citrix NetScaler interface. | |||||
| CVE-2018-6796 | 1 Multilanguage Real Estate Mlm Script Project | 1 Multilanguage Real Estate Mlm Script | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0 has Stored XSS via every profile input field. | |||||
| CVE-2018-6795 | 1 Naukri Clone Script Project | 1 Naukri Clone Script | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| PHP Scripts Mall Naukri Clone Script 3.0.3 has Stored XSS via every profile input field. | |||||
| CVE-2018-6682 | 1 Mcafee | 1 True Key | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting Exposure in McAfee True Key (TK) 4.0.0.0 and earlier allows local users to expose confidential data via a crafted web site. | |||||