Total
34649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-5662 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2019-03-05 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php counter_title parameter. | |||||
| CVE-2018-5664 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2019-03-05 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php social_icon_1 parameter. | |||||
| CVE-2018-5663 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2019-03-05 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php button_text_link parameter. | |||||
| CVE-2018-5665 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2019-03-05 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php logo_height parameter. | |||||
| CVE-2018-5661 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2019-03-05 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php logo_width parameter. | |||||
| CVE-2018-5660 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2019-03-05 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php coming-soon_sub_title parameter. | |||||
| CVE-2018-5659 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2019-03-05 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php coming-soon_title parameter. | |||||
| CVE-2018-5657 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2019-03-04 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php counter_title_icon parameter. | |||||
| CVE-2018-20448 | 1 Frog Cms Project | 1 Frog Cms | 2019-03-04 | 3.5 LOW | 5.4 MEDIUM |
| Frog CMS 0.9.5 has XSS via the Database name field to the /install/index.php URI. | |||||
| CVE-2018-5691 | 1 Sonicwall | 2 Analyzer, Global Management System | 2019-03-04 | 3.5 LOW | 5.4 MEDIUM |
| SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module. | |||||
| CVE-2019-9551 | 1 Wdoyo | 1 Doyocms | 2019-03-04 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in DOYO (aka doyocms) 2.3 through 2015-05-06. It has admin.php XSS. | |||||
| CVE-2018-20153 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2019-03-04 | 3.5 LOW | 5.4 MEDIUM |
| In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS. | |||||
| CVE-2018-20150 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2019-03-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| In WordPress before 4.9.9 and 5.x before 5.0.1, crafted URLs could trigger XSS for certain use cases involving plugins. | |||||
| CVE-2018-20149 | 2 Debian, Wordpress | 2 Debian Linux, Wordpress | 2019-03-04 | 3.5 LOW | 5.4 MEDIUM |
| In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data. | |||||
| CVE-2019-9550 | 1 Dhcms Project | 1 Dhcms | 2019-03-04 | 3.5 LOW | 4.8 MEDIUM |
| DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS. | |||||
| CVE-2019-8279 | 1 Vanillaforums | 1 Vanilla Forums | 2019-03-04 | 3.5 LOW | 5.4 MEDIUM |
| Multiple stored XSS in Vanilla Forums before 2.5 allow remote attackers to inject arbitrary JavaScript code into any message on forum. | |||||
| CVE-2016-8751 | 1 Apache | 1 Ranger | 2019-03-01 | 3.5 LOW | 4.8 MEDIUM |
| Apache Ranger before 0.6.3 is vulnerable to a Stored Cross-Site Scripting in when entering custom policy conditions. Admin users can store some arbitrary javascript code to be executed when normal users login and access policies. | |||||
| CVE-2018-7261 | 1 Radiantcms | 1 Radiant Cms | 2019-03-01 | 3.5 LOW | 5.4 MEDIUM |
| There are multiple Persistent XSS vulnerabilities in Radiant CMS 1.1.4. They affect Personal Preferences (Name and Username) and Configuration (Site Title, Dev Site Domain, Page Parts, and Page Fields). | |||||
| CVE-2019-9226 | 1 Baigo | 1 Baigo Cms | 2019-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in baigo CMS 2.1.1. There is a persistent XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the opt[base][BG_SITE_NAME] parameter to the bg_console/index.php?m=opt&c=request URI. | |||||
| CVE-2018-8716 | 1 Wso2 | 1 Identity Server | 2019-02-28 | 3.5 LOW | 5.4 MEDIUM |
| WSO2 Identity Server before 5.5.0 has XSS via the dashboard, allowing attacks by low-privileged attackers. | |||||