Total
36795 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19917 | 1 Microweber | 1 Microweber | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Microweber 1.0.8 has reflected cross-site scripting (XSS) vulnerabilities. | |||||
| CVE-2018-19915 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| DomainMOD through 4.11.01 has XSS via the assets/edit/host.php Web Host Name or Web Host URL field. | |||||
| CVE-2018-19914 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| DomainMOD through 4.11.01 has XSS via the assets/add/dns.php Profile Name or notes field. | |||||
| CVE-2018-19913 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| DomainMOD through 4.11.01 has XSS via the assets/add/registrar-accounts.php UserName, Reseller ID, or notes field. | |||||
| CVE-2018-19903 | 1 Xsltcms.org Project | 1 Xsltcms.org | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page title field. | |||||
| CVE-2018-19902 | 1 No-cms Project | 1 No-cms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "keyword" parameter. | |||||
| CVE-2018-19901 | 1 No-cms Project | 1 No-cms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/index/ "article_title" parameter. | |||||
| CVE-2018-19892 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| DomainMOD through 4.11.01 has XSS via the admin/dw/add-server.php DisplayName, HostName, or UserName field. | |||||
| CVE-2018-19877 | 1 Adiscon | 1 Loganalyzer | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| login.php in Adiscon LogAnalyzer before 4.1.7 has XSS via the Login Button Referer field. | |||||
| CVE-2018-19849 | 1 Yzmcms | 1 Yzmcms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in YzmCMS 5.2. XSS exists via the admin/content/search.html searinfo parameter. | |||||
| CVE-2018-19845 | 1 Get-simple | 1 Getsimple Cms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325. | |||||
| CVE-2018-19844 | 1 Frogcms Project | 1 Frogcms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319. | |||||
| CVE-2018-19836 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Metinfo 6.1.3, include/interface/applogin.php allows setting arbitrary HTTP headers (including the Cookie header), and common.inc.php allows registering variables from the $_COOKIE value. This issue can, for example, be exploited in conjunction with CVE-2018-19835 to bypass many XSS filters such as the Chrome XSS filter. | |||||
| CVE-2018-19835 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Metinfo 6.1.3 has reflected XSS via the admin/column/move.php lang_columnerr4 parameter. | |||||
| CVE-2018-19828 | 1 Artica | 1 Integria Ims | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Artica Integria IMS 5.0.83 has XSS via the search_string parameter. | |||||
| CVE-2018-19822 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SharedCriteria.jsp" has reflected XSS via the ConnPoolName or GroupId parameter. | |||||
| CVE-2018-19821 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SecurityPolicies.jsp" has reflected XSS via the ConnPoolName parameter. | |||||
| CVE-2018-19820 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Roles.jsp" has reflected XSS via the ConnPoolName parameter. | |||||
| CVE-2018-19819 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Rights.jsp" has reflected XSS via the ConnPoolName parameter. | |||||
| CVE-2018-19818 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Contacts.jsp" has reflected XSS via the ConnPoolName parameter. | |||||