Total
35377 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-16804 | 1 Ucms Project | 1 Ucms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in UCMS 1.4.6. There is XSS in the title bar, as demonstrated by a do=list request. | |||||
| CVE-2018-16786 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| DedeCMS 5.7 SP2 allows XSS via an onhashchange attribute in the msg parameter to /plus/feedback_ajax.php. | |||||
| CVE-2018-16780 | 1 Complete Responsive Cms Blog Project | 1 Complete Responsive Cms Blog | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment. | |||||
| CVE-2018-16779 | 1 Blogcms Project | 1 Blogcms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| BlogCMS through 2016-10-25 has XSS via a comment. | |||||
| CVE-2018-16778 | 1 Jenzabar | 1 Jenzabar | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Jenzabar v8.2.1 through 9.2.0 allows remote attackers to inject arbitrary web script or HTML via the query parameter (aka the Search Field). | |||||
| CVE-2018-16776 | 1 Creatiwity | 1 Witycms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| wityCMS 0.6.2 has XSS via the "Site Name" field found in the "Contact" "Configuration" page. | |||||
| CVE-2018-16775 | 1 Victor Cms Project | 1 Victor Cms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the site name in the "Categories" menu. | |||||
| CVE-2018-16773 | 1 Easycms | 1 Easycms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| EasyCMS 1.5 allows XSS via the index.php?s=/admin/fields/update/navTabId/listfields/callbackType/closeCurrent content field. | |||||
| CVE-2018-16772 | 1 Hoosk | 1 Hoosk | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Hoosk v1.7.0 allows XSS via the Navigation Title of a new page entered at admin/pages/new. | |||||
| CVE-2018-16759 | 1 Easycms | 1 Easycms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The removeXSS function in App/Common/common.php (called from App/Modules/Index/Action/SearchAction.class.php) in EasyCMS v1.4 allows XSS via an onhashchange event. | |||||
| CVE-2018-16736 | 1 Rcfilters Project | 1 Rcfilters | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| In the rcfilters plugin 2.1.6 for Roundcube, XSS exists via the _whatfilter and _messages parameters (in the Filters section of the settings). | |||||
| CVE-2018-16730 | 1 Chshcms | 1 Cscms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| \upload\plugins\sys\Install.php in CScms 4.1 has XSS via the site name. | |||||
| CVE-2018-16729 | 1 Pluck-cms | 1 Pluck | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Pluck 4.7.7 allows XSS via an SVG file that contains Javascript in a SCRIPT element, and is uploaded via pages->manage under admin.php?action=files. | |||||
| CVE-2018-16728 | 1 Feindura | 1 Feindura | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| feindura 2.0.7 allows XSS via the tags field of a new page created at index.php?category=0&page=new. | |||||
| CVE-2018-16727 | 1 Razorcms | 1 Razorcms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| razorCMS 3.4.7 allows Stored XSS via the keywords of the homepage within the settings component. | |||||
| CVE-2018-16726 | 1 Razorcms | 1 Razorcms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| razorCMS 3.4.7 allows HTML injection via the description of the homepage within the settings component. | |||||
| CVE-2018-16725 | 1 Baijiacms Project | 1 Baijiacms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue is discovered in baijiacms V4. XSS exists via the assets/weengine/components/zclip/ZeroClipboard.swf id parameter, aka "Non-standard use of the flash component." | |||||
| CVE-2018-16718 | 1 Nih | 1 Ncbi Toolbox | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An XSS vulnerability exists in wwwblast.c in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox via a crafted -z1 argument. | |||||
| CVE-2018-16655 | 1 Gxlcms | 1 Gxlcms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Gxlcms 1.0 has XSS via the PATH_INFO to gx/lib/ThinkPHP/Tpl/ThinkException.tpl.php. | |||||
| CVE-2018-16654 | 1 Zurmo | 1 Zurmo Crm | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Zurmo 3.2.4 Stable allows XSS via app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1. | |||||