Export limit exceeded: 347464 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347464 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-14966 | 1 Emlsoft Project | 1 Emlsoft | 2024-11-21 | N/A |
| An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=user&do=add page allows CSRF. | ||||
| CVE-2018-14965 | 1 Emlsoft Project | 1 Emlsoft | 2024-11-21 | N/A |
| An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=address&do=add page allows CSRF. | ||||
| CVE-2018-14964 | 1 Emlsoft Project | 1 Emlsoft | 2024-11-21 | N/A |
| An issue was discovered in EMLsoft 5.4.5. XSS exists via the eml/upload/eml/?action=address&do=edit page. | ||||
| CVE-2018-14963 | 1 Zzcms | 1 Zzcms | 2024-11-21 | N/A |
| zzcms 8.3 has CSRF via the admin/adminadd.php?action=add URI. | ||||
| CVE-2018-14962 | 1 Zzcms | 1 Zzcms | 2024-11-21 | N/A |
| zzcms 8.3 has stored XSS related to the content variable in user/manage.php and zt/show.php. | ||||
| CVE-2018-14961 | 1 Zzcms | 1 Zzcms | 2024-11-21 | N/A |
| dl/dl_sendmail.php in zzcms 8.3 has SQL Injection via the sql parameter. | ||||
| CVE-2018-14960 | 1 Xiao5ucompany Project | 1 Xiao5ucompany | 2024-11-21 | N/A |
| Xiao5uCompany 1.7 has CSRF via admin/Admin.asp. | ||||
| CVE-2018-14959 | 1 Weaselcms Project | 1 Weaselcms | 2024-11-21 | N/A |
| An issue was discovered in WeaselCMS v0.3.5. CSRF can create new pages via an index.php?b=pages&a=new URI. | ||||
| CVE-2018-14958 | 1 Weaselcms Project | 1 Weaselcms | 2024-11-21 | N/A |
| An issue was discovered in WeaselCMS v0.3.5. CSRF can update the website settings (such as the theme, title, and description) via index.php. | ||||
| CVE-2018-14957 | 1 Isweb | 1 Isweb | 2024-11-21 | N/A |
| CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file download, as demonstrated by moduli/downloadFile.php?file=oggetto_documenti/../.././inc/config.php (one can take the control of the application because credentials are present in that config.php file). | ||||
| CVE-2018-14956 | 1 Isweb | 1 Isweb | 2024-11-21 | N/A |
| CMS ISWEB 3.5.3 is vulnerable to multiple SQL injection flaws. An attacker can inject malicious queries into the application and obtain sensitive information. | ||||
| CVE-2018-14955 | 1 Squirrelmail | 1 Squirrelmail | 2024-11-21 | N/A |
| The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations (animate to attribute). | ||||
| CVE-2018-14954 | 1 Squirrelmail | 1 Squirrelmail | 2024-11-21 | N/A |
| The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute. | ||||
| CVE-2018-14953 | 1 Squirrelmail | 1 Squirrelmail | 2024-11-21 | N/A |
| The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<math xlink:href=" attack. | ||||
| CVE-2018-14952 | 1 Squirrelmail | 1 Squirrelmail | 2024-11-21 | N/A |
| The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<math><maction xlink:href=" attack. | ||||
| CVE-2018-14951 | 1 Squirrelmail | 1 Squirrelmail | 2024-11-21 | N/A |
| The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<form action='data:text" attack. | ||||
| CVE-2018-14950 | 1 Squirrelmail | 1 Squirrelmail | 2024-11-21 | N/A |
| The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<svg><a xlink:href=" attack. | ||||
| CVE-2018-14948 | 1 Sound Project | 1 Sound | 2024-11-21 | N/A |
| An issue has been found in dilawar sound through 2017-11-27. The end of openWavFile in wav-file.cc has Mismatched Memory Management Routines (operator new [] versus operator delete). | ||||
| CVE-2018-14947 | 1 Flowpaper | 1 Pdf2json | 2024-11-21 | N/A |
| An issue has been found in PDF2JSON 0.69. XmlFontAccu::CSStyle in XmlFonts.cc has Mismatched Memory Management Routines (operator new [] versus operator delete). | ||||
| CVE-2018-14946 | 1 Flowpaper | 1 Pdf2json | 2024-11-21 | N/A |
| An issue has been found in PDF2JSON 0.69. The HtmlString class in ImgOutputDev.cc has Mismatched Memory Management Routines (malloc versus operator delete). | ||||