Total
40736 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-17784 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 6.1 Medium |
| Multiple vulnerabilities in YUI and FlashCanvas embedded in SugarCRM Community Edition 6.5.26 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system. | ||||
| CVE-2018-17783 | 1 Mantisbt | 1 Mantisbt | 2024-11-21 | N/A |
| A cross-site scripting (XSS) vulnerability in the Edit Filter page (manage_filter_edit page.php) in MantisBT 2.1.0 through 2.17.1 allows remote attackers (if access rights permit it) to inject arbitrary code (if CSP settings permit it) through a crafted project name. | ||||
| CVE-2018-17782 | 1 Mantisbt | 1 Mantisbt | 2024-11-21 | N/A |
| A cross-site scripting (XSS) vulnerability in the Manage Filters page (manage_filter_page.php) in MantisBT 2.1.0 through 2.17.1 allows remote attackers (if access rights permit it) to inject arbitrary code (if CSP settings permit it) through a crafted project name. | ||||
| CVE-2018-17596 | 1 Zohocorp | 1 Manageengine Assetexplorer | 2024-11-21 | N/A |
| In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was discovered in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter. | ||||
| CVE-2018-17595 | 1 Fork-cms | 1 Fork Cms | 2024-11-21 | N/A |
| In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI. | ||||
| CVE-2018-17594 | 1 Airties | 2 Air 5443v2, Air 5443v2 Firmware | 2024-11-21 | N/A |
| AirTies Air 5443v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | ||||
| CVE-2018-17593 | 1 Airties | 2 Air 5453, Air 5453 Firmware | 2024-11-21 | N/A |
| AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | ||||
| CVE-2018-17591 | 1 Airties | 2 Air 5343v2, Air 5343v2 Firmware | 2024-11-21 | N/A |
| AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | ||||
| CVE-2018-17590 | 1 Airties | 2 Air 5442, Air 5442 Firmware | 2024-11-21 | N/A |
| AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | ||||
| CVE-2018-17589 | 1 Airties | 2 Air 5650, Air 5650 Firmware | 2024-11-21 | N/A |
| AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | ||||
| CVE-2018-17588 | 1 Airties | 2 Air 5021, Air 5021 Firmware | 2024-11-21 | N/A |
| AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | ||||
| CVE-2018-17587 | 1 Airties | 2 Air 5750, Air 5750 Firmware | 2024-11-21 | N/A |
| AirTies Air 5750 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | ||||
| CVE-2018-17586 | 1 Wpfastestcache | 1 Wp Fastest Cache | 2024-11-21 | N/A |
| The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a wpfc_save_timeout_pages action. | ||||
| CVE-2018-17585 | 1 Wpfastestcache | 1 Wp Fastest Cache | 2024-11-21 | N/A |
| The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the wpfastestcacheoptions wpFastestCachePreload_number or wpFastestCacheLanguage parameter. | ||||
| CVE-2018-17583 | 1 Wpfastestcache | 1 Wp Fastest Cache | 2024-11-21 | N/A |
| The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a wpfc_save_exclude_pages action. | ||||
| CVE-2018-17574 | 1 Ymfe | 1 Yapi | 2024-11-21 | N/A |
| An issue was discovered in YMFE YApi 1.3.23. There is stored XSS in the name field of a project. | ||||
| CVE-2018-17572 | 1 Influxdata | 1 Influxdb | 2024-11-21 | 4.8 Medium |
| InfluxDB 0.9.5 has Reflected XSS in the Write Data module. | ||||
| CVE-2018-17571 | 1 Vanillaforums | 1 Vanilla | 2024-11-21 | N/A |
| Vanilla before 2.6.1 allows XSS via the email field of a profile. | ||||
| CVE-2018-17560 | 1 Teamwire | 1 Teamwire | 2024-11-21 | N/A |
| The admin interface of the Grouptime Teamwire Client 1.5.1 prior to 1.9.0 on-premises messenger server allows stored XSS. All backend versions prior to prod-2018-11-13-15-00-42 are affected. | ||||
| CVE-2018-17556 | 1 Modx | 1 Modx Revolution | 2024-11-21 | N/A |
| MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action. | ||||