Total
36795 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-19769 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "UserProperties.jsp" has reflected XSS via the ConnPoolName parameter. | |||||
| CVE-2018-19768 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "SubPagePackages.jsp" has reflected XSS via the ConnPoolName and GroupId parameters. | |||||
| CVE-2018-19767 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "PresentSpace.jsp" has reflected XSS via the ConnPoolName and GroupId parameters. | |||||
| CVE-2018-19766 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "GroupRessourceAdmin.jsp" has reflected XSS via the ConnPoolName parameter. | |||||
| CVE-2018-19765 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters. | |||||
| CVE-2018-19752 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| DomainMOD through 4.11.01 has XSS via the assets/add/registrar.php notes field for the Registrar. | |||||
| CVE-2018-19751 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| DomainMOD through 4.11.01 has XSS via the admin/ssl-fields/add.php notes field for Custom SSL Fields. | |||||
| CVE-2018-19750 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| DomainMOD through 4.11.01 has XSS via the admin/domain-fields/ notes field in an Add Custom Field action for Custom Domain Fields. | |||||
| CVE-2018-19749 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| DomainMOD through 4.11.01 has XSS via the assets/add/account-owner.php Owner name field. | |||||
| CVE-2018-19727 | 1 Adobe | 1 Experience Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-19726 | 1 Adobe | 1 Experience Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-19724 | 1 Adobe | 1 Experience Manager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-19694 | 1 Hms-networks | 16 Netbiter Ec150, Netbiter Ec150 Firmware, Netbiter Ec250 and 13 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| HMS Industrial Networks Netbiter WS100 3.30.5 devices and previous have reflected XSS in the login form. | |||||
| CVE-2018-19693 | 1 Tp5cms Project | 1 Tp5cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in tp5cms through 2017-05-25. admin.php/system/set.html has XSS via the title parameter. | |||||
| CVE-2018-19658 | 2 Apple, Evernote | 2 Macos, Yinxiang Biji | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The Markdown editor in YXBJ before 8.3.2 on macOS has stored XSS. This behavior may be encountered by some Evernote users; however, it is a vulnerability in YXBJ, not a vulnerability in Evernote. | |||||
| CVE-2018-19649 | 1 Infovista | 1 Vistaportal | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in InfoVista VistaPortal SE Version 5.1 (build 51029). VPortal/mgtconsole/RolePermissions.jsp has reflected XSS via the ConnPoolName parameter. | |||||
| CVE-2018-19644 | 1 Microfocus | 1 Solutions Business Manager | 2024-11-21 | 4.3 MEDIUM | 5.0 MEDIUM |
| Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | |||||
| CVE-2018-19630 | 1 Openwrt | 2 Lede, Openwrt | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and LEDE through 17.01 has unauthenticated reflected XSS via the URI, as demonstrated by a cgi-bin/?[XSS] URI. | |||||
| CVE-2018-19615 | 1 Rockwellautomation | 2 Powermonitor 1000, Powermonitor 1000 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Rockwell Automation Allen-Bradley PowerMonitor 1000 all versions. A remote attacker could inject arbitrary code into a targeted userĂ¢??s web browser to gain access to the affected device. | |||||
| CVE-2018-19614 | 1 Westermo | 6 Dr-250, Dr-250 Firmware, Dr-260 and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers. | |||||