CWE-CWE-79 CVE - OpenCVE

Filtered by CWE-79

Total 36798 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2018-20565	1 Douco	1 Douphp	2024-11-21	3.5 LOW	4.8 MEDIUM
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/nav.php?rec=update has XSS via the nav_name parameter.
CVE-2018-20564	1 Douco	1 Douphp	2024-11-21	3.5 LOW	4.8 MEDIUM
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product_category.php?rec=update has XSS via the cat_name parameter.
CVE-2018-20563	1 Douco	1 Douphp	2024-11-21	3.5 LOW	4.8 MEDIUM
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/mobile.php?rec=system&act=update has XSS via the mobile_name parameter.
CVE-2018-20562	1 Douco	1 Douphp	2024-11-21	3.5 LOW	4.8 MEDIUM
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/article_category.php?rec=update has XSS via the cat_name parameter.
CVE-2018-20561	1 Douco	1 Douphp	2024-11-21	3.5 LOW	4.8 MEDIUM
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/article.php?rec=update has XSS via the title parameter.
CVE-2018-20560	1 Douco	1 Douphp	2024-11-21	3.5 LOW	4.8 MEDIUM
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/show.php?rec=update has XSS via the show_name parameter.
CVE-2018-20559	1 Douco	1 Douphp	2024-11-21	3.5 LOW	4.8 MEDIUM
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product.php?rec=update has XSS via the name parameter.
CVE-2018-20558	1 Douco	1 Douphp	2024-11-21	3.5 LOW	4.8 MEDIUM
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/system.php?rec=update has XSS via the site_name parameter.
CVE-2018-20557	1 Douco	1 Douphp	2024-11-21	3.5 LOW	4.8 MEDIUM
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/page.php?rec=edit has XSS via the page_name parameter.
CVE-2018-20530	1 Website Seller Script Project	1 Website Seller Script	2024-11-21	3.5 LOW	5.4 MEDIUM
PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile field such as Company Address, a related issue to CVE-2018-15896.
CVE-2018-20524	1 Urlchatbox	1 Chat Anywhere	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
The Chat Anywhere extension 2.4.0 for Chrome allows XSS via crafted use of <<a> in a message, because a danmuWrapper DIV element in chatbox-only\danmu.js is outside the scope of a Content Security Policy (CSP).
CVE-2018-20520	1 1234n	1 Minicms	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php query string, a related issue to CVE-2018-10296 and CVE-2018-16233.
CVE-2018-20503	1 Alliedtelesis	2 8100l\/8, 8100l\/8 Firmware	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
Allied Telesis 8100L/8 devices allow XSS via the edit-ipv4_interface.php vlanid or subnet_mask parameter.
CVE-2018-20496	1 Gitlab	1 Gitlab	2024-11-21	3.5 LOW	5.4 MEDIUM
An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS.
CVE-2018-20491	1 Gitlab	1 Gitlab	2024-11-21	3.5 LOW	5.4 MEDIUM
An issue was discovered in GitLab Enterprise Edition 11.3.x and 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS.
CVE-2018-20490	1 Gitlab	1 Gitlab	2024-11-21	3.5 LOW	5.4 MEDIUM
An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS.
CVE-2018-20486	1 Metinfo	1 Metinfo	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
MetInfo 6.x through 6.1.3 has XSS via the /admin/login/login_check.php url_array[] parameter.
CVE-2018-20485	1 Zohocorp	1 Manageengine Adselfservice Plus	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the employee search feature.
CVE-2018-20484	1 Zohocorp	1 Manageengine Adselfservice Plus	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation.
CVE-2018-20476	1 S-cms	1 S-cms	2024-11-21	4.3 MEDIUM	6.1 MEDIUM
An issue was discovered in S-CMS 3.0. It allows XSS via the admin/demo.php T_id parameter.

Vulnerabilities (CVE)