Total
40736 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-19751 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMOD through 4.11.01 has XSS via the admin/ssl-fields/add.php notes field for Custom SSL Fields. | ||||
| CVE-2018-19750 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMOD through 4.11.01 has XSS via the admin/domain-fields/ notes field in an Add Custom Field action for Custom Domain Fields. | ||||
| CVE-2018-19749 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMOD through 4.11.01 has XSS via the assets/add/account-owner.php Owner name field. | ||||
| CVE-2018-19727 | 1 Adobe | 1 Experience Manager | 2024-11-21 | N/A |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | ||||
| CVE-2018-19726 | 1 Adobe | 1 Experience Manager | 2024-11-21 | N/A |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | ||||
| CVE-2018-19724 | 1 Adobe | 1 Experience Manager | 2024-11-21 | N/A |
| Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | ||||
| CVE-2018-19694 | 1 Hms-networks | 16 Netbiter Ec150, Netbiter Ec150 Firmware, Netbiter Ec250 and 13 more | 2024-11-21 | N/A |
| HMS Industrial Networks Netbiter WS100 3.30.5 devices and previous have reflected XSS in the login form. | ||||
| CVE-2018-19693 | 1 Tp5cms Project | 1 Tp5cms | 2024-11-21 | N/A |
| An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the title parameter. | ||||
| CVE-2018-19658 | 2 Apple, Evernote | 2 Macos, Yinxiang Biji | 2024-11-21 | 5.4 Medium |
| The Markdown editor in YXBJ before 8.3.2 on macOS has stored XSS. This behavior may be encountered by some Evernote users; however, it is a vulnerability in YXBJ, not a vulnerability in Evernote. | ||||
| CVE-2018-19649 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| XSS exists in InfoVista VistaPortal SE Version 5.1 (build 51029). VPortal/mgtconsole/RolePermissions.jsp has reflected XSS via the ConnPoolName parameter. | ||||
| CVE-2018-19644 | 1 Microfocus | 1 Solutions Business Manager | 2024-11-21 | N/A |
| Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | ||||
| CVE-2018-19630 | 1 Openwrt | 2 Lede, Openwrt | 2024-11-21 | N/A |
| cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and LEDE through 17.01 has unauthenticated reflected XSS via the URI, as demonstrated by a cgi-bin/?[XSS] URI. | ||||
| CVE-2018-19615 | 1 Rockwellautomation | 2 Powermonitor 1000, Powermonitor 1000 Firmware | 2024-11-21 | 6.1 Medium |
| Rockwell Automation Allen-Bradley PowerMonitor 1000 all versions. A remote attacker could inject arbitrary code into a targeted userâs web browser to gain access to the affected device. | ||||
| CVE-2018-19614 | 1 Westermo | 6 Dr-250, Dr-250 Firmware, Dr-260 and 3 more | 2024-11-21 | N/A |
| XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers. | ||||
| CVE-2018-19600 | 1 Rhymix | 1 Rhymix | 2024-11-21 | N/A |
| Rhymix CMS 1.9.8.1 allows XSS via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload. | ||||
| CVE-2018-19599 | 1 Monstra | 1 Monstra Cms | 2024-11-21 | 5.4 Medium |
| Monstra CMS 1.6 allows XSS via an uploaded SVG document to the admin/index.php?id=filesmanager&path=uploads/ URI. NOTE: this is a discontinued product. | ||||
| CVE-2018-19598 | 1 Statamic | 1 Statamic | 2024-11-21 | N/A |
| Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an 'Add new user' request. | ||||
| CVE-2018-19597 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | N/A |
| CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a related issue to CVE-2017-16798. | ||||
| CVE-2018-19596 | 1 Zurmo | 1 Zurmo | 2024-11-21 | N/A |
| Zurmo 3.2.4 allows HTML Injection via an admin's use of HTML in the report section, a related issue to CVE-2018-19506. | ||||
| CVE-2018-19579 | 1 Gitlab | 1 Gitlab | 2024-11-21 | N/A |
| GitLab EE version 11.5 is vulnerable to a persistent XSS vulnerability in the Operations page. This is fixed in 11.5.1. | ||||