Total
41077 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-7544 | 1 Mywebsql | 1 Mywebsql | 2024-11-21 | N/A |
| An issue was discovered in MyWebSQL 3.7. The Add User function of the User Manager pages has a Stored Cross-site Scripting (XSS) vulnerability in the User Name Field. | ||||
| CVE-2019-7543 | 1 Kindsoft | 1 Kindeditor | 2024-11-21 | N/A |
| In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability. | ||||
| CVE-2019-7541 | 1 Rukovoditel | 1 Rukovoditel | 2024-11-21 | N/A |
| Rukovoditel through 2.4.1 allows XSS via a URL that lacks a module=users%2flogin substring. | ||||
| CVE-2019-7438 | 1 Jio | 2 Jiofi 4g M2s, Jiofi 4g M2s Firmware | 2024-11-21 | N/A |
| cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has XSS and HTML injection via the mask POST parameter. | ||||
| CVE-2019-7437 | 1 Opensource Classified Ads Script Project | 1 Opensource Classified Ads Script | 2024-11-21 | N/A |
| PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected Cross-Site Scripting (XSS) via the Search field. | ||||
| CVE-2019-7435 | 1 Opensource Classified Ads Script Project | 1 Opensource Classified Ads Script | 2024-11-21 | N/A |
| PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected HTML injection via the Search Form. | ||||
| CVE-2019-7432 | 1 Rental Bike Script Project | 1 Rental Bike Script | 2024-11-21 | N/A |
| PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection via the STREET field in the Profile Edit section. | ||||
| CVE-2019-7430 | 1 Image Sharing Script Project | 1 Image Sharing Script | 2024-11-21 | N/A |
| PHP Scripts Mall Image Sharing Script 1.3.4 has HTML injection via the Search Bar. | ||||
| CVE-2019-7427 | 1 Zohocorp | 1 Manageengine Netflow Analyzer | 2024-11-21 | N/A |
| XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the autorefTime or graphTypes parameter. | ||||
| CVE-2019-7426 | 1 Zohocorp | 1 Manageengine Netflow Analyzer | 2024-11-21 | N/A |
| XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the groupDesc, groupName, groupID, or task parameter. | ||||
| CVE-2019-7425 | 1 Zohocorp | 1 Manageengine Netflow Analyzer | 2024-11-21 | 6.1 Medium |
| XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter. | ||||
| CVE-2019-7424 | 1 Zohocorp | 1 Manageengine Netflow Analyzer | 2024-11-21 | N/A |
| XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/index.jsp" file in the view GET parameter or any of these POST parameters: autorefTime, section, snapshot, viewOpt, viewAll, view, or groupSelName. The latter is related to CVE-2009-3903. | ||||
| CVE-2019-7423 | 1 Zohocorp | 1 Manageengine Netflow Analyzer | 2024-11-21 | N/A |
| XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/editProfile.jsp" file in the userName parameter. | ||||
| CVE-2019-7422 | 1 Zohocorp | 1 Manageengine Netflow Analyzer | 2024-11-21 | N/A |
| XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/addMailSettings.jsp" file in the gF parameter. | ||||
| CVE-2019-7421 | 1 Samsung | 3 Syncthru Web Service, X7400gx, X7400gx Firmware | 2024-11-21 | N/A |
| XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple parameters: contextpath and basedURL. | ||||
| CVE-2019-7420 | 1 Samsung | 3 Syncthru Web Service, X7400gx, X7400gx Firmware | 2024-11-21 | N/A |
| XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView.sws" in the tabName parameter. | ||||
| CVE-2019-7419 | 1 Samsung | 3 Syncthru Web Service, X7400gx, X7400gx Firmware | 2024-11-21 | N/A |
| XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/leftmenu.sws" in multiple parameters: ruiFw_id, ruiFw_pid, ruiFw_title. | ||||
| CVE-2019-7418 | 1 Samsung | 3 Syncthru Web Service, X7400gx, X7400gx Firmware | 2024-11-21 | N/A |
| XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/swsAlert.sws" in multiple parameters: flag, frame, func, and Nfunc. | ||||
| CVE-2019-7417 | 1 Ericsson | 1 Active Library Explorer | 2024-11-21 | N/A |
| XSS exists in Ericsson Active Library Explorer (ALEX) 14.3 in multiple parameters in the "/cgi-bin/alexserv" servlet, as demonstrated by the DB, FN, fn, or id parameter. | ||||
| CVE-2019-7416 | 1 Opentext | 1 Documentum Webtop | 2024-11-21 | N/A |
| XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2. The parameter startat in "/webtop/help/en/default.htm" is vulnerable. | ||||