Total
38093 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-15603 | 1 Victor Cms Project | 1 Victor Cms | 2024-11-21 | N/A |
| An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the Author field of the "Leave a Comment" screen. | ||||
| CVE-2018-15602 | 1 Zyxel | 2 Vmg3312 B10b, Vmg3312 B10b Firmware | 2024-11-21 | N/A |
| Zyxel VMG3312 B10B devices are affected by a persistent XSS vulnerability via the pages/connectionStatus/connectionStatus-hostEntry.cmd hostname parameter. | ||||
| CVE-2018-15596 | 1 Mybb | 1 Mybb | 2024-11-21 | N/A |
| An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication page, one can generate a URL such as http://localhost/syndication.php?fid=&type=atom1.0&limit=15. The thread titles (within title elements of the generated XML documents) aren't sanitized, leading to XSS. | ||||
| CVE-2018-15585 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| Cross-Site Scripting (XSS) vulnerability in newwinform.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter. | ||||
| CVE-2018-15584 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| Cross-Site Scripting (XSS) vulnerability in adm/boardgroup_form_update.php and adm/boardgroup_list_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15583 | 1 Sir | 1 Gnuboard | 2024-11-21 | 6.1 Medium |
| Cross-Site Scripting (XSS) vulnerability in point_list.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter. | ||||
| CVE-2018-15582 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| Cross-Site Scripting (XSS) vulnerability in adm/sms_admin/num_book_write.php and adm/sms_admin/num_book_update.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15581 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| Cross-Site Scripting (XSS) vulnerability in adm/faqmasterformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15580 | 1 Sir | 1 Gnuboard | 2024-11-21 | N/A |
| Cross-Site Scripting (XSS) vulnerability in adm/contentformupdate.php in gnuboard5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15570 | 1 Bijiadao | 1 Waimai Super Cms | 2024-11-21 | N/A |
| In waimai Super Cms 20150505, there is stored XSS via the /admin.php/Foodcat/editsave fcname parameter. | ||||
| CVE-2018-15567 | 1 Cmsuno Project | 1 Cmsuno | 2024-11-21 | N/A |
| CMSUno before 1.5.3 has XSS via the title field. | ||||
| CVE-2018-15566 | 1 Tp5cms Project | 1 Tp5cms | 2024-11-21 | N/A |
| tp5cms through 2017-05-25 has XSS via the admin.php/article/index.html q parameter. | ||||
| CVE-2018-15563 | 1 Intelliants | 1 Subrion | 2024-11-21 | N/A |
| _core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] parameter. | ||||
| CVE-2018-15562 | 1 Isweb | 1 Isweb | 2024-11-21 | N/A |
| CMS ISWEB 3.5.3 has XSS via the ordineRis, sezioneRicerca, or oggettiRicerca parameter to index.php. | ||||
| CVE-2018-15559 | 1 Xiuno | 1 Xiunobbs | 2024-11-21 | N/A |
| The editor in Xiuno BBS 4.0.4 allows stored XSS. | ||||
| CVE-2018-15546 | 1 Accusoft | 1 Prizmdoc | 2024-11-21 | N/A |
| Accusoft PrizmDoc version 13.3 and earlier contains a Stored Cross-Site Scripting issue through a crafted PDF file. | ||||
| CVE-2018-15538 | 1 Agentejo | 1 Cockpit | 2024-11-21 | N/A |
| Agentejo Cockpit has multiple Cross-Site Scripting vulnerabilities. | ||||
| CVE-2018-15533 | 1 Geutebrueck | 2 Re Porter 16, Re Porter 16 Firmware | 2024-11-21 | N/A |
| A reflected cross-site scripting vulnerability exists in Geutebrueck re_porter 16 before 7.8.974.20 by appending a query string to /modifychannel/exec or /images/*.png on TCP port 12005. | ||||
| CVE-2018-15530 | 1 Xerox | 2 Colorqube 8580, Colorqube 8580 Firmware | 2024-11-21 | N/A |
| Cross-site scripting (XSS) in the web interface of the Xerox ColorQube 8580 allows remote persistent injection of custom HTML / JavaScript code. | ||||
| CVE-2018-15528 | 1 Javasystemsolutions | 1 Sso Plugin | 2024-11-21 | N/A |
| Reflected Cross-Site Scripting exists in the Java System Solutions SSO plugin 4.0.13.1 for BMC MyIT. A remote attacker can abuse this issue to inject client-side scripts into the "select_sso()" function. The payload is triggered when the victim opens a prepared /ux/jss-sso/arslogin?[XSS] link and then clicks the "Login" button. | ||||