Total
42233 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-0716 | 1 Qnap | 1 Qts | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in QTS 4.2.6 build 20180711, QTS 4.3.3: Qsync Central 3.0.2, QTS 4.3.4: Qsync Central 3.0.3, QTS 4.3.5: Qsync Central 3.0.4 and earlier versions could allow remote attackers to inject Javascript code in the compromised application.
|
|||||
| CVE-2018-0715 | 1 Qnap | 1 Photo Station | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application.
|
|||||
| CVE-2018-0711 | 1 Qnap | 1 Qts | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting (XSS) vulnerability in QNAP QTS 4.3.3 build 20180126, QTS 4.3.4 build 20180315, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML.
|
|||||
| CVE-2018-0699 | 1 Hyuki | 1 Yukiwiki | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in YukiWiki 2.1.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0698 | 1 Weseek | 1 Growi | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Cross-site scripting vulnerability in GROWI v3.2.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0697 | 1 Metabase | 1 Metabase | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in Metabase version 0.29.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0695 | 1 Usvn | 1 Usvn | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in User-friendly SVN (USVN) Version 1.0.7 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0687 | 1 Neo | 2 Debun Imap, Debun Pop | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0679 | 1 Fxc | 20 Ae1021, Ae1021 Firmware, Ae1021pe and 17 more | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
Cross-site scripting vulnerability in multiple FXC Inc. network devices (Managed Ethernet switch FXC5210/5218/5224 firmware prior to version Ver1.00.22, Managed Ethernet switch FXC5426F firmware prior to version Ver1.00.06, Managed Ethernet switch FXC5428 firmware prior to version Ver1.00.07, Power over Ethernet (PoE) switch FXC5210PE/5218PE/5224PE firmware prior to version Ver1.00.14, and Wireless LAN router AE1021/AE1021PE firmware all versions) allows attacker with administrator rights to inj ...
Show More |
|||||
| CVE-2018-0672 | 1 Sixapart | 1 Movable Type | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in Movable Type versions prior to Ver. 6.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0657 | 2 Ec-cube, Gmo-pg | 3 Ec-cube, Ec-cube Payment Module, Gmo-pg Payment Module | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
Cross-site scripting vulnerability in EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service) for EC-CUBE (EC-CUBE Payment Module (2.12) version 3.5.23 and earlier, EC-CUBE Payment Module (2.11) version 2.3.17 and earlier, GMO-PG Payment Module (PG Multi-Payment Service) (2.12) version 3.5.23 and earlier, and GMO-PG Payment Module (PG Multi-Payment Service) (2.11) version 2.3.17 and earlier) allow an attacker with administrator rights to inject arbitrary web script or HTML vi ...
Show More |
|||||
| CVE-2018-0655 | 1 Weseek | 1 Growi | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via the app settings section of admin page.
|
|||||
| CVE-2018-0654 | 1 Weseek | 1 Growi | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the modal for creating Wiki page.
|
|||||
| CVE-2018-0653 | 1 Weseek | 1 Growi | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via Wiki page view.
|
|||||
| CVE-2018-0652 | 1 Weseek | 1 Growi | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
|
Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via the UserGroup Management section of admin page.
|
|||||
| CVE-2018-0642 | 1 Foliovision | 1 Fv Flowplayer Video Player | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in FV Flowplayer Video Player 6.1.2 to 6.6.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0618 | 2 Debian, Gnu | 2 Debian Linux, Mailman | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0614 | 1 Necplatforms | 16 Calsos Csdj-a, Calsos Csdj-a Firmware, Calsos Csdj-b and 13 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0612 | 1 5000 Trillion Yen Converter Project | 1 5000 Trillion Yen Converter | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in 5000 trillion yen converter v1.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0605 | 1 Pixelpost | 1 Pixelpost | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in Pixelpost v1.7.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0603 | 1 Geminilabs | 1 Site Reviews | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in Site Reviews versions prior to 2.15.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0602 | 1 Email Subscribers \& Newsletters Project | 1 Email Subscribers \& Newsletters | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in Email Subscribers & Newsletters versions prior to 3.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0585 | 1 Ultimatemember | 1 Ultimate Member | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Cross-site scripting vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0583 | 1 Asus | 2 Rt-ac1200hp, Rt-ac1200hp Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in ASUS RT-AC1200HP Firmware version prior to 3.0.0.4.380.4180 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0582 | 1 Asus | 2 Rt-ac68u, Rt-ac68u Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in ASUS RT-AC68U Firmware version prior to 3.0.0.4.380.1031 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0581 | 1 Asus | 2 Rt-ac87u, Rt-ac87u Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version prior to 3.0.0.4.378.9383 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0579 | 1 Webdados | 1 Open Graph For Facebook\, Google\+ And Twitter Card Tags | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in Open Graph for Facebook, Google+ and Twitter Card Tags plugin prior to version 2.2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0578 | 1 Pixelyoursite | 1 Pixelyoursite | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0577 | 1 Flippercode | 1 Wp Google Map | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Cross-site scripting vulnerability in WP Google Map Plugin prior to version 4.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0576 | 1 Pixelite | 1 Events Manager | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0574 | 1 Basercms | 1 Basercms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0570 | 1 Basercms | 1 Basercms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0565 | 1 Cybozu | 1 Office | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0559 | 1 Cybozu | 1 Mailwise | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'Address' via unspecified vectors.
|
|||||
| CVE-2018-0558 | 1 Cybozu | 1 Mailwise | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Reflected cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML in 'System settings' via unspecified vectors.
|
|||||
| CVE-2018-0557 | 1 Cybozu | 1 Mailwise | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'E-mail Details Screen' via unspecified vectors.
|
|||||
| CVE-2018-0551 | 1 Cybozu | 1 Garoon | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0549 | 1 Cybozu | 1 Garoon | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
|
Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0547 | 1 Soflyy | 1 Wp All Import | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.7 for WordPress allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
|
|||||
| CVE-2018-0546 | 1 Soflyy | 1 Wp All Import | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
Cross-site scripting vulnerability in WP All Import plugin prior to version 3.4.6 for WordPress allows an attacker to inject arbitrary web script or HTML via unspecified vectors.
|
|||||