Total
40733 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-15570 | 1 Bijiadao | 1 Waimai Super Cms | 2024-11-21 | N/A |
| In waimai Super Cms 20150505, there is stored XSS via the /admin.php/Foodcat/editsave fcname parameter. | ||||
| CVE-2018-15567 | 1 Cmsuno Project | 1 Cmsuno | 2024-11-21 | N/A |
| CMSUno before 1.5.3 has XSS via the title field. | ||||
| CVE-2018-15566 | 1 Tp5cms Project | 1 Tp5cms | 2024-11-21 | N/A |
| tp5cms through 2017-05-25 has XSS via the admin.php/article/index.html q parameter. | ||||
| CVE-2018-15563 | 1 Intelliants | 1 Subrion | 2024-11-21 | N/A |
| _core/admin/pages/add/ in Subrion CMS 4.2.1 has XSS via the titles[en] parameter. | ||||
| CVE-2018-15562 | 1 Isweb | 1 Isweb | 2024-11-21 | N/A |
| CMS ISWEB 3.5.3 has XSS via the ordineRis, sezioneRicerca, or oggettiRicerca parameter to index.php. | ||||
| CVE-2018-15559 | 1 Xiuno | 1 Xiunobbs | 2024-11-21 | N/A |
| The editor in Xiuno BBS 4.0.4 allows stored XSS. | ||||
| CVE-2018-15546 | 1 Accusoft | 1 Prizmdoc | 2024-11-21 | N/A |
| Accusoft PrizmDoc version 13.3 and earlier contains a Stored Cross-Site Scripting issue through a crafted PDF file. | ||||
| CVE-2018-15538 | 1 Agentejo | 1 Cockpit | 2024-11-21 | N/A |
| Agentejo Cockpit has multiple Cross-Site Scripting vulnerabilities. | ||||
| CVE-2018-15533 | 1 Geutebrueck | 2 Re Porter 16, Re Porter 16 Firmware | 2024-11-21 | N/A |
| A reflected cross-site scripting vulnerability exists in Geutebrueck re_porter 16 before 7.8.974.20 by appending a query string to /modifychannel/exec or /images/*.png on TCP port 12005. | ||||
| CVE-2018-15530 | 1 Xerox | 2 Colorqube 8580, Colorqube 8580 Firmware | 2024-11-21 | N/A |
| Cross-site scripting (XSS) in the web interface of the Xerox ColorQube 8580 allows remote persistent injection of custom HTML / JavaScript code. | ||||
| CVE-2018-15528 | 1 Javasystemsolutions | 1 Sso Plugin | 2024-11-21 | N/A |
| Reflected Cross-Site Scripting exists in the Java System Solutions SSO plugin 4.0.13.1 for BMC MyIT. A remote attacker can abuse this issue to inject client-side scripts into the "select_sso()" function. The payload is triggered when the victim opens a prepared /ux/jss-sso/arslogin?[XSS] link and then clicks the "Login" button. | ||||
| CVE-2018-15512 | 1 Totemo | 1 Totemomail | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the 'Authorisation Service' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15511 | 1 Totemo | 1 Totemomail | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the 'Notification template' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15510 | 1 Totemo | 1 Totemomail | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the 'Certificate' feature of totemomail 6.0.0 build 570 allows remote attackers to inject arbitrary web script or HTML. | ||||
| CVE-2018-15494 | 2 Debian, Dojotoolkit | 2 Debian Linux, Dojo | 2024-11-21 | N/A |
| In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid. | ||||
| CVE-2018-15365 | 1 Trendmicro | 1 Deep Discovery Inspector | 2024-11-21 | N/A |
| A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability. | ||||
| CVE-2018-15315 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2024-11-21 | N/A |
| On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a reflected Cross Site Scripting (XSS) vulnerability in an undisclosed Configuration Utility page. | ||||
| CVE-2018-15314 | 1 F5 | 1 Big-ip Advanced Firewall Manager | 2024-11-21 | N/A |
| On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vulnerability in undisclosed TMUI page. | ||||
| CVE-2018-15313 | 1 F5 | 1 Big-ip Advanced Firewall Manager | 2024-11-21 | N/A |
| On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vulnerability in undisclosed TMUI page. | ||||
| CVE-2018-15312 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2024-11-21 | N/A |
| On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an authenticated user to execute JavaScript for the currently logged-in user. | ||||