Total
40772 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-5712 | 4 Canonical, Debian, Php and 1 more | 5 Ubuntu Linux, Debian Linux, Php and 2 more | 2024-11-21 | N/A |
| An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file. | ||||
| CVE-2018-5705 | 1 Reservo | 1 Image Hosting | 2024-11-21 | N/A |
| Reservo Image Hosting 1.6 is vulnerable to XSS attacks. The affected function is its search engine (the t parameter to the /search URI). Since there is an user/admin login interface, it's possible for attackers to steal sessions of users and thus admin(s). By sending users an infected URL, code will be executed. | ||||
| CVE-2018-5692 | 1 Piwigo | 1 Piwigo | 2024-11-21 | N/A |
| Piwigo v2.8.2 has XSS via the `tab`, `to`, `section`, `mode`, `installstatus`, and `display` parameters of the `admin.php` file. | ||||
| CVE-2018-5691 | 1 Sonicwall | 2 Analyzer, Global Management System | 2024-11-21 | N/A |
| SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module. | ||||
| CVE-2018-5690 | 1 Dotclear | 1 Dotclear | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter (aka the page limit number). | ||||
| CVE-2018-5689 | 1 Dotclear | 1 Dotclear | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in admin/auth.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the malicious user's email. | ||||
| CVE-2018-5688 | 1 Ilias | 1 Ilias | 2024-11-21 | N/A |
| ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component. | ||||
| CVE-2018-5687 | 1 Newsbee Project | 1 Newsbee | 2024-11-21 | N/A |
| NewsBee allows XSS via the Company Name field in the Settings under admin/admin.php. | ||||
| CVE-2018-5681 | 1 Prestashop | 1 Prestashop | 2024-11-21 | N/A |
| PrestaShop 1.7.2.4 has XSS via source-code editing on the "Pages > Edit page" screen. | ||||
| CVE-2018-5672 | 1 Booking Calendar Project | 1 Booking Calendar | 2024-11-21 | N/A |
| An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php form_field5[label] parameter. | ||||
| CVE-2018-5671 | 1 Booking Calendar Project | 1 Booking Calendar | 2024-11-21 | N/A |
| An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php extra_field1[items][field_item1][price_percent] parameter. | ||||
| CVE-2018-5670 | 1 Booking Calendar Project | 1 Booking Calendar | 2024-11-21 | N/A |
| An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php sale_conditions[count][] parameter. | ||||
| CVE-2018-5668 | 1 Read And Understood Project | 1 Read And Understood | 2024-11-21 | N/A |
| An issue was discovered in the read-and-understood plugin 2.1 for WordPress. XSS exists via the wp-admin/options-general.php rnu_username_validation_title parameter. | ||||
| CVE-2018-5667 | 1 Read And Understood Project | 1 Read And Understood | 2024-11-21 | N/A |
| An issue was discovered in the read-and-understood plugin 2.1 for WordPress. XSS exists via the wp-admin/options-general.php rnu_username_validation_pattern parameter. | ||||
| CVE-2018-5666 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2024-11-21 | N/A |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php bg_color parameter. | ||||
| CVE-2018-5665 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2024-11-21 | N/A |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php logo_height parameter. | ||||
| CVE-2018-5664 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2024-11-21 | N/A |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php social_icon_1 parameter. | ||||
| CVE-2018-5663 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2024-11-21 | N/A |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php button_text_link parameter. | ||||
| CVE-2018-5662 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2024-11-21 | N/A |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php counter_title parameter. | ||||
| CVE-2018-5661 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2024-11-21 | N/A |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php logo_width parameter. | ||||