Total
42233 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19915 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
DomainMOD through 4.11.01 has XSS via the assets/edit/host.php Web Host Name or Web Host URL field.
|
|||||
| CVE-2018-19914 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
DomainMOD through 4.11.01 has XSS via the assets/add/dns.php Profile Name or notes field.
|
|||||
| CVE-2018-19913 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
DomainMOD through 4.11.01 has XSS via the assets/add/registrar-accounts.php UserName, Reseller ID, or notes field.
|
|||||
| CVE-2018-19903 | 1 Xsltcms.org Project | 1 Xsltcms.org | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page title field.
|
|||||
| CVE-2018-19902 | 1 No-cms Project | 1 No-cms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "keyword" parameter.
|
|||||
| CVE-2018-19901 | 1 No-cms Project | 1 No-cms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/index/ "article_title" parameter.
|
|||||
| CVE-2018-19892 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
DomainMOD through 4.11.01 has XSS via the admin/dw/add-server.php DisplayName, HostName, or UserName field.
|
|||||
| CVE-2018-19877 | 1 Adiscon | 1 Loganalyzer | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Login Button Referer field.
|
|||||
| CVE-2018-19849 | 1 Yzmcms | 1 Yzmcms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
An issue was discovered in YzmCMS 5.2. XSS exists via the admin/content/search.html searinfo parameter.
|
|||||
| CVE-2018-19845 | 1 Get-simple | 1 Getsimple Cms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325.
|
|||||
| CVE-2018-19844 | 1 Frogcms Project | 1 Frogcms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319.
|
|||||
| CVE-2018-19836 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
In Metinfo 6.1.3, include/interface/applogin.php allows setting arbitrary HTTP headers (including the Cookie header), and common.inc.php allows registering variables from the $_COOKIE value. This issue can, for example, be exploited in conjunction with CVE-2018-19835 to bypass many XSS filters such as the Chrome XSS filter.
|
|||||
| CVE-2018-19835 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Metinfo 6.1.3 has reflected XSS via the admin/column/move.php lang_columnerr4 parameter.
|
|||||
| CVE-2018-19828 | 1 Artica | 1 Integria Ims | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Artica Integria IMS 5.0.83 has XSS via the search_string parameter.
|
|||||
| CVE-2018-19822 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SharedCriteria.jsp" has reflected XSS via the ConnPoolName or GroupId parameter.
|
|||||
| CVE-2018-19821 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SecurityPolicies.jsp" has reflected XSS via the ConnPoolName parameter.
|
|||||
| CVE-2018-19820 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Roles.jsp" has reflected XSS via the ConnPoolName parameter.
|
|||||
| CVE-2018-19819 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Rights.jsp" has reflected XSS via the ConnPoolName parameter.
|
|||||
| CVE-2018-19818 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Contacts.jsp" has reflected XSS via the ConnPoolName parameter.
|
|||||
| CVE-2018-19817 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/AdminAuthorisationFrame.jsp" has reflected XSS via the ConnPoolName or GroupId parameter.
|
|||||
| CVE-2018-19816 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/categorytree/ChooseCategory.jsp" has reflected XSS via the ConnPoolName parameter.
|
|||||
| CVE-2018-19815 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/UserPopupAddNewProp.jsp" has reflected XSS via the ConnPoolName parameter.
|
|||||
| CVE-2018-19814 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Subscriptions.jsp" has reflected XSS via the ConnPoolName or GroupId parameter.
|
|||||
| CVE-2018-19813 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Subscribers.jsp" has reflected XSS via the ConnPoolName or GroupId parameter.
|
|||||
| CVE-2018-19812 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SubFolderPackages.jsp" has reflected XSS via the GroupId parameter.
|
|||||
| CVE-2018-19811 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Import.jsp" has reflected XSS via the ConnPoolName parameter.
|
|||||
| CVE-2018-19810 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/GroupMove.jsp" has reflected XSS via the ConnPoolName, GroupId, or type parameter.
|
|||||
| CVE-2018-19809 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/GroupCopy.jsp" has reflected XSS via the ConnPoolName, GroupId, or type parameter.
|
|||||
| CVE-2018-19799 | 1 Dolibarr | 1 Dolibarr | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Dolibarr ERP/CRM through 8.0.3 has /exports/export.php?datatoexport= XSS.
|
|||||
| CVE-2018-19794 | 1 Internet2 | 1 Grouper | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting (XSS) vulnerability in UiV2Public.index in Internet2 Grouper 2.2 and 2.3 allows remote attackers to inject arbitrary web script or HTML via the code parameter.
|
|||||
| CVE-2018-19785 | 1 Php-proxy | 1 Php-proxy | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
PHP-Proxy through 5.1.0 has Cross-Site Scripting (XSS) via the URL field in index.php.
|
|||||
| CVE-2018-19782 | 1 Freshrss | 1 Freshrss | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Multiple cross-site scripting (XSS) vulnerabilities in GET requests in FreshRSS 1.11.1 allow remote attackers to inject arbitrary web script or HTML via the (1) c parameter or (2) a parameter.
|
|||||
| CVE-2018-19775 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "Variables.jsp" has reflected XSS via the ConnPoolName and GroupId parameters.
|
|||||
| CVE-2018-19774 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "PresentSpace.jsp" has reflected XSS via the GroupId and ConnPoolName parameters.
|
|||||
| CVE-2018-19773 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentUser.jsp" has reflected XSS via the GroupId and ConnPoolName parameters.
|
|||||
| CVE-2018-19772 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters.
|
|||||
| CVE-2018-19771 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPool.jsp" has reflected XSS via the PropName parameter.
|
|||||
| CVE-2018-19770 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "Users.jsp" has reflected XSS via the ConnPoolName parameter.
|
|||||
| CVE-2018-19769 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "UserProperties.jsp" has reflected XSS via the ConnPoolName parameter.
|
|||||
| CVE-2018-19768 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "SubPagePackages.jsp" has reflected XSS via the ConnPoolName and GroupId parameters.
|
|||||