Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by CWE-79
Angry Yack Logo
Total 42233 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-18700 1 Netgear 46 D6400, D6400 Firmware, D7000 and 43 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Certain NETGEAR devices are affected by stored XSS. This affects D6400 before 1.0.0.60, D7000 before 1.0.1.50, D8500 before 1.0.3.29, EX6200 before 1.0.3.84, EX7000 before 1.0.0.60, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 before 1.0.1.34, R6900P before 1.3.0.8, R7000 before 1.0.9.14, R7000P before 1.3.0.8, R7100LG before 1.0.0.34, R7300DST before 1.0.0.56, R7900 before 1.0.1.26, R8000 before 1.0.4.4, R8300 before ...

Show More
CVE-2017-18639 1 Progress 1 Sitefinity Cms 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Progress Sitefinity CMS before 10.1 allows XSS via /Pages Parameter : Page Title, /Content/News Parameter : News Title, /Content/List Parameter : List Title, /Content/Documents/LibraryDocuments/incident-request-attachments Parameter : Document Title, /Content/Images/LibraryImages/newsimages Parameter : Image Title, /Content/links Parameter : Link Title, /Content/links Parameter : Link Title, or /Content/Videos/LibraryVideos/default-video-library Parameter : Video Title.
CVE-2017-18635 4 Canonical, Debian, Novnc and 1 more 4 Ubuntu Linux, Debian Linux, Novnc and 1 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.
CVE-2017-18615 1 Wp-kama 1 Kama Click Counter 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The kama-clic-counter plugin before 3.5.0 for WordPress has XSS.
CVE-2017-18613 1 Trust Form Project 1 Trust Form 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The trust-form plugin 2.0 for WordPress has XSS via the wp-admin/admin.php?page=trust-form-edit page parameter.
CVE-2017-18612 1 Netattingo 1 Wp-whois-domain 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The wp-whois-domain plugin 1.0.0 for WordPress has XSS via the pages/func-whois.php domain parameter.
CVE-2017-18611 1 Magicfields 1 Magic Fields 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The magic-fields plugin before 1.7.2 for WordPress has XSS via the RCCWP_CreateCustomFieldPage.php custom-field-css parameter.
CVE-2017-18610 1 Magicfields 1 Magic Fields 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The magic-fields plugin before 1.7.2 for WordPress has XSS via the RCCWP_CreateCustomFieldPage.php custom-group-id parameter.
CVE-2017-18609 1 Magicfields 1 Magic Fields 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The magic-fields plugin before 1.7.2 for WordPress has XSS via the custom-write-panel-id parameter.
CVE-2017-18608 1 Spot 1 Spot.im Comments 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The spotim-comments plugin before 4.0.4 for WordPress has multiple XSS issues.
CVE-2017-18606 1 Theme-fusion 1 Avada 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The avada theme before 5.1.5 for WordPress has stored XSS.
CVE-2017-18603 1 Postman-smtp Project 1 Postman-smtp 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The postman-smtp plugin through 2017-10-04 for WordPress has XSS via the wp-admin/tools.php?page=postman_email_log page parameter.
CVE-2017-18601 1 Ibps Online Exam Project 1 Ibps Online Exam 2024-11-21 3.5 LOW 5.4 MEDIUM
The examapp plugin 1.0 for WordPress has XSS via exam input text fields.
CVE-2017-18600 1 Ncrafts 1 Formcraft 2024-11-21 3.5 LOW 5.4 MEDIUM
The formcraft3 plugin before 3.4 for WordPress has stored XSS via the "New Form > Heading > Heading Text" field.
CVE-2017-18599 1 Pinfinity Project 1 Pinfinity 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The Pinfinity theme before 2.0 for WordPress has XSS via the s parameter.
CVE-2017-18598 1 Designmodo 1 Qards 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The Qards plugin through 2017-10-11 for WordPress has XSS via a remote document specified in the url parameter to html2canvasproxy.php.
CVE-2017-18593 1 Updraftplus 1 Updraftplus 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The updraftplus plugin before 1.13.5 for WordPress has XSS in rare cases where an attacker controls a string logged to a log file.
CVE-2017-18590 1 Bestwebsoft 1 Timesheet 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The timesheet plugin before 0.1.5 for WordPress has multiple XSS issues.
CVE-2017-18582 1 Time Sheets Project 1 Time Sheets 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The time-sheets plugin before 1.5.2 for WordPress has multiple XSS issues.
CVE-2017-18581 1 Time Sheets Project 1 Time Sheets 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The time-sheets plugin before 1.5.0 for WordPress has XSS via the old timesheet list.
CVE-2017-18579 1 Dwbooster 1 Corner Ad 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The corner-ad plugin before 1.0.8 for WordPress has XSS.
CVE-2017-18578 1 Crafty Social Buttons Project 1 Crafty Social Buttons 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The crafty-social-buttons plugin before 1.5.8 for WordPress has XSS.
CVE-2017-18576 1 Event Notifier Project 1 Event Notifier 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The event-notifier plugin before 1.2.1 for WordPress has XSS via the loading animation.
CVE-2017-18575 1 Newstatpress Project 1 Newstatpress 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The newstatpress plugin before 1.2.5 for WordPress has multiple stored XSS issues.
CVE-2017-18572 1 Sir 1 Gnucommerce 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The gnucommerce plugin before 1.4.2 for WordPress has XSS.
CVE-2017-18568 1 Mythemeshop 1 My Wp Translate 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The my-wp-translate plugin before 1.0.4 for WordPress has XSS.
CVE-2017-18567 1 Soflyy 1 Wp All Import 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The wp-all-import plugin before 3.4.6 for WordPress has XSS.
CVE-2017-18566 1 Bestwebsoft 1 User Role 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The user-role plugin before 1.5.6 for WordPress has multiple XSS issues.
CVE-2017-18565 1 Bestwebsoft 1 Updater 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The updater plugin before 1.35 for WordPress has multiple XSS issues.
CVE-2017-18564 1 Bestwebsoft 1 Sender 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The sender plugin before 1.2.1 for WordPress has multiple XSS issues.
CVE-2017-18563 1 Swimordiesoftware 1 Rsvp 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen.
CVE-2017-18562 1 Bestwebsoft 1 Error Log Viewer 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues.
CVE-2017-18561 1 Embed Images In Comments Project 1 Embed Images In Comments 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The embed-comment-images plugin before 0.6 for WordPress has XSS.
CVE-2017-18560 1 Content Audit Project 1 Content Audit 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The content-audit plugin before 1.9.2 for WordPress has XSS.
CVE-2017-18559 1 Cformsii Project 1 Cformsii 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues.
CVE-2017-18558 1 Bestwebsoft 1 Testimonials 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues.
CVE-2017-18557 1 Bestwebsoft 1 Google Maps 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The bws-google-maps plugin before 1.3.6 for WordPress has multiple XSS issues.
CVE-2017-18556 1 Bestwebsoft 1 Google Analytics 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The bws-google-analytics plugin before 1.7.1 for WordPress has multiple XSS issues.
CVE-2017-18555 1 Mediaburst 1 Booking Calendar 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The booking-sms plugin before 1.1.0 for WordPress has XSS.
CVE-2017-18554 1 Analytics Tracker Project 1 Analytics Tracker 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
The analytics-tracker plugin before 1.1.1 for WordPress has XSS via a search event.