Export limit exceeded: 44039 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44039 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-15582 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| Cross-Site Scripting (XSS) vulnerability in adm/sms_admin/num_book_write.php and adm/sms_admin/num_book_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15581 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| Cross-Site Scripting (XSS) vulnerability in adm/faqmasterformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15580 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| Cross-Site Scripting (XSS) vulnerability in adm/contentformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15570 | 1 Bijiadao | 1 Waimai Super Cms | 2024-11-21 | N/A |
| In waimai Super Cms 20150505, there is stored XSS via the /admin.php/Foodcat/editsave fcname parameter. | ||||
| CVE-2018-15567 | 1 Cmsuno Project | 1 Cmsuno | 2024-11-21 | N/A |
| CMSUno before 1.5.3 has XSS via the title field. | ||||
| CVE-2018-15566 | 1 Tp5cms Project | 1 Tp5cms | 2024-11-21 | N/A |
| tp5cms through 2017-05-25 has XSS via the admin.php/article/index.html q parameter. | ||||
| CVE-2018-15563 | 1 Intelliants | 1 Subrion | 2024-11-21 | N/A |
| _core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] parameter. | ||||
| CVE-2018-15562 | 1 Isweb | 1 Isweb | 2024-11-21 | N/A |
| CMS ISWEB 3.5.3 has XSS via the ordineRis, sezioneRicerca, or oggettiRicerca parameter to index.php. | ||||
| CVE-2018-15559 | 1 Xiuno | 1 Xiunobbs | 2024-11-21 | N/A |
| The editor in Xiuno BBS 4.0.4 allows stored XSS. | ||||
| CVE-2018-15546 | 1 Accusoft | 1 Prizmdoc | 2024-11-21 | N/A |
| Accusoft PrizmDoc version 13.3 and earlier contains a Stored Cross-Site Scripting issue through a crafted PDF file. | ||||
| CVE-2018-15538 | 1 Agentejo | 1 Cockpit | 2024-11-21 | N/A |
| Agentejo Cockpit has multiple Cross-Site Scripting vulnerabilities. | ||||
| CVE-2018-15533 | 1 Geutebrueck | 2 Re Porter 16, Re Porter 16 Firmware | 2024-11-21 | N/A |
| A reflected cross-site scripting vulnerability exists in Geutebrueck re_porter 16 before 7.8.974.20 by appending a query string to /modifychannel/exec or /images/*.png on TCP port 12005. | ||||
| CVE-2018-15530 | 1 Xerox | 2 Colorqube 8580, Colorqube 8580 Firmware | 2024-11-21 | N/A |
| Cross-site scripting (XSS) in the web interface of the Xerox ColorQube 8580 allows remote persistent injection of custom HTML / JavaScript code. | ||||
| CVE-2018-15528 | 1 Javasystemsolutions | 1 Sso Plugin | 2024-11-21 | N/A |
| Reflected Cross-Site Scripting exists in the Java System Solutions SSO plugin 4.0.13.1 for BMC MyIT. A remote attacker can abuse this issue to inject client-side scripts into the "select_sso()" function. The payload is triggered when the victim opens a prepared /ux/jss-sso/arslogin?[XSS] link and then clicks the "Login" button. | ||||
| CVE-2018-15512 | 1 Totemo | 1 Totemomail | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the 'Authorisation Service' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15511 | 1 Totemo | 1 Totemomail | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the 'Notification template' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15510 | 1 Totemo | 1 Totemomail | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the 'Certificate' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15494 | 2 Debian, Dojotoolkit | 2 Debian Linux, Dojo | 2024-11-21 | N/A |
| In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid. | ||||
| CVE-2018-15491 | 1 Zemana | 1 Antilogger | 2024-11-21 | N/A |
| A vulnerability in the permission and encryption implementation of Zemana Anti-Logger 1.9.3.527 and prior (fixed in 1.9.3.602) allows an attacker to take control of the whitelisting feature (MyRules2.ini under %LOCALAPPDATA%\Zemana\ZALSDK) to permit execution of unauthorized applications (such as ones that record keystrokes). | ||||
| CVE-2018-15365 | 1 Trendmicro | 1 Deep Discovery Inspector | 2024-11-21 | N/A |
| A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability. | ||||