Total
40747 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20725 | 1 Cacti | 1 Cacti | 2024-11-21 | N/A |
| A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label. | ||||
| CVE-2018-20724 | 1 Cacti | 1 Cacti | 2024-11-21 | N/A |
| A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors. | ||||
| CVE-2018-20723 | 1 Cacti | 1 Cacti | 2024-11-21 | N/A |
| A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color. | ||||
| CVE-2018-20703 | 1 Cubecart | 1 Cubecart | 2024-11-21 | N/A |
| CubeCart 6.2.2 has Reflected XSS via a /{ADMIN-FILE}/ query string. | ||||
| CVE-2018-20682 | 1 Fork-cms | 1 Fork Cms | 2024-11-21 | N/A |
| Fork CMS 5.0.6 allows stored XSS via the private/en/settings facebook_admin_ids parameter (aka "Admin ids" input in the Facebook section). | ||||
| CVE-2018-20680 | 1 Frog Cms Project | 1 Frog Cms | 2024-11-21 | N/A |
| Frog CMS 0.9.5 has XSS in the admin/?/page/edit/1 body field. | ||||
| CVE-2018-20677 | 2 Getbootstrap, Redhat | 8 Bootstrap, Ceph Storage, Enterprise Linux and 5 more | 2024-11-21 | N/A |
| In Bootstrap before 3.4.0, XSS is possible in the affix configuration target property. | ||||
| CVE-2018-20676 | 2 Getbootstrap, Redhat | 8 Bootstrap, Ceph Storage, Enterprise Linux and 5 more | 2024-11-21 | N/A |
| In Bootstrap before 3.4.0, XSS is possible in the tooltip data-viewport attribute. | ||||
| CVE-2018-20663 | 1 Haulmont | 2 Cuba Platform, Reporting | 2024-11-21 | N/A |
| The Reporting Addon (aka Reports Addon) through 2019-01-02 for CUBA Platform through 6.10.x has Persistent XSS via the "Reports > Reports" name field. | ||||
| CVE-2018-20645 | 1 Basic B2b Script Project | 1 Basic B2b Script | 2024-11-21 | N/A |
| PHP Scripts Mall Basic B2B Script 2.0.9 has HTML injection via the First Name or Last Name field. | ||||
| CVE-2018-20640 | 1 Entrepreneur Job Portal Script Project | 1 Entrepreneur Job Portal Script | 2024-11-21 | N/A |
| PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting (XSS) via the Full Name field. | ||||
| CVE-2018-20639 | 1 Entrepreneur Job Portal Script Project | 1 Entrepreneur Job Portal Script | 2024-11-21 | N/A |
| PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has HTML injection via the Search Bar. | ||||
| CVE-2018-20636 | 1 Chartered Accountant \ | 1 Auditor Website Project | 2024-11-21 | N/A |
| PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field. | ||||
| CVE-2018-20632 | 1 Advance B2b Script Project | 1 Advance B2b Script | 2024-11-21 | N/A |
| PHP Scripts Mall Advance B2B Script 2.1.4 has stored Cross-Site Scripting (XSS) via the FIRST NAME or LAST NAME field. | ||||
| CVE-2018-20627 | 1 Consumer Reviews Script Project | 1 Consumer Reviews Script | 2024-11-21 | N/A |
| PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box. | ||||
| CVE-2018-20611 | 1 Txjia | 1 Imcat | 2024-11-21 | N/A |
| imcat 4.4 allow XSS via a crafted cookie to the root/tools/adbug/binfo.php?cookie URI. | ||||
| CVE-2018-20601 | 1 Ucms Project | 1 Ucms | 2024-11-21 | N/A |
| UCMS 1.4.7 has XSS via the description parameter in an index.php list_editpost action. | ||||
| CVE-2018-20600 | 1 Ucms Project | 1 Ucms | 2024-11-21 | N/A |
| sadmin\cedit.php in UCMS 1.4.7 has XSS via an index.php sadmin_cedit action. | ||||
| CVE-2018-20597 | 1 Ucms Project | 1 Ucms | 2024-11-21 | N/A |
| UCMS 1.4.7 has XSS via the dir parameter in an index.php sadmin_fileedit action. | ||||
| CVE-2018-20594 | 1 Hsweb | 1 Hsweb | 2024-11-21 | N/A |
| An issue was discovered in hsweb 3.0.4. It is a reflected XSS vulnerability due to the absence of type parameter checking in FlowableModelManagerController.java. | ||||