Total
35377 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-15605 | 1 Phpmyadmin | 1 Phpmyadmin | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature. | |||||
| CVE-2018-15603 | 1 Victor Cms Project | 1 Victor Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the Author field of the "Leave a Comment" screen. | |||||
| CVE-2018-15602 | 1 Zyxel | 2 Vmg3312 B10b, Vmg3312 B10b Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Zyxel VMG3312 B10B devices are affected by a persistent XSS vulnerability via the pages/connectionStatus/connectionStatus-hostEntry.cmd hostname parameter. | |||||
| CVE-2018-15596 | 1 Mybb | 1 Mybb | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication page, one can generate a URL such as http://localhost/syndication.php?fid=&type=atom1.0&limit=15. The thread titles (within title elements of the generated XML documents) aren't sanitized, leading to XSS. | |||||
| CVE-2018-15585 | 1 Sir | 1 Gnuboard | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) vulnerability in newwinform.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter. | |||||
| CVE-2018-15584 | 1 Sir | 1 Gnuboard | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) vulnerability in adm/boardgroup_form_update.php and adm/boardgroup_list_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | |||||
| CVE-2018-15583 | 1 Sir | 1 Gnuboard | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) vulnerability in point_list.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter. | |||||
| CVE-2018-15582 | 1 Sir | 1 Gnuboard | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) vulnerability in adm/sms_admin/num_book_write.php and adm/sms_admin/num_book_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | |||||
| CVE-2018-15581 | 1 Sir | 1 Gnuboard | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) vulnerability in adm/faqmasterformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | |||||
| CVE-2018-15580 | 1 Sir | 1 Gnuboard | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) vulnerability in adm/contentformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | |||||
| CVE-2018-15574 | 1 Reprisesoftware | 1 Reprise License Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in the license editor in Reprise License Manager (RLM) through 12.2BL2. It is a cross-site scripting vulnerability in the /goform/edit_lf_get_data lf parameter via GET or POST. NOTE: the vendor has stated "We do not consider this a vulnerability." | |||||
| CVE-2018-15570 | 1 Bijiadao | 1 Waimai Super Cms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| In waimai Super Cms 20150505, there is stored XSS via the /admin.php/Foodcat/editsave fcname parameter. | |||||
| CVE-2018-15567 | 1 Cmsuno Project | 1 Cmsuno | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| CMSUno before 1.5.3 has XSS via the title field. | |||||
| CVE-2018-15566 | 1 Tp5cms Project | 1 Tp5cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| tp5cms through 2017-05-25 has XSS via the admin.php/article/index.html q parameter. | |||||
| CVE-2018-15563 | 1 Intelliants | 1 Subrion | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| _core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] parameter. | |||||
| CVE-2018-15562 | 1 Isweb | 1 Isweb | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| CMS ISWEB 3.5.3 has XSS via the ordineRis, sezioneRicerca, or oggettiRicerca parameter to index.php. | |||||
| CVE-2018-15559 | 1 Xiuno | 1 Xiunobbs | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The editor in Xiuno BBS 4.0.4 allows stored XSS. | |||||
| CVE-2018-15546 | 1 Accusoft | 1 Prizmdoc | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Accusoft PrizmDoc version 13.3 and earlier contains a Stored Cross-Site Scripting issue through a crafted PDF file. | |||||
| CVE-2018-15538 | 1 Agentejo | 1 Cockpit | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Agentejo Cockpit has multiple Cross-Site Scripting vulnerabilities. | |||||
| CVE-2018-15533 | 1 Geutebrueck | 2 Re Porter 16, Re Porter 16 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A reflected cross-site scripting vulnerability exists in Geutebrueck re_porter 16 before 7.8.974.20 by appending a query string to /modifychannel/exec or /images/*.png on TCP port 12005. | |||||