Total
34649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-8891 | 1 Blackberry | 1 Unified Endpoint Manager | 2019-01-03 | 3.5 LOW | 4.8 MEDIUM |
| Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator. | |||||
| CVE-2018-8888 | 1 Blackberry | 1 Unified Endpoint Manager | 2019-01-03 | 3.5 LOW | 4.8 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator. | |||||
| CVE-2018-19767 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "PresentSpace.jsp" has reflected XSS via the ConnPoolName and GroupId parameters. | |||||
| CVE-2018-19773 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentUser.jsp" has reflected XSS via the GroupId and ConnPoolName parameters. | |||||
| CVE-2018-20006 | 1 Phpok | 1 Phpok | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in PHPok v5.0.055. There is a Stored XSS vulnerability via the title parameter to api.php?c=post&f=save (reachable via the index.php?id=book URI). | |||||
| CVE-2018-8651 | 1 Microsoft | 1 Dynamics Nav | 2019-01-03 | 3.5 LOW | 5.4 MEDIUM |
| A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server, aka "Microsoft Dynamics NAV Cross Site Scripting Vulnerability." This affects Microsoft Dynamics NAV. | |||||
| CVE-2018-8652 | 1 Microsoft | 1 Windows Azure Pack Rollup | 2019-01-03 | 3.5 LOW | 5.4 MEDIUM |
| A Cross-site Scripting (XSS) vulnerability exists when Windows Azure Pack does not properly sanitize user-provided input, aka "Windows Azure Pack Cross Site Scripting Vulnerability." This affects Windows Azure Pack Rollup 13.1. | |||||
| CVE-2018-20136 | 1 Thedaylightstudio | 1 Fuel Cms | 2019-01-03 | 3.5 LOW | 4.8 MEDIUM |
| XSS exists in FUEL CMS 1.4.3 via the Header or Body in the Layout Variables during new-page creation, as demonstrated by the pages/edit/1?lang=english URI. | |||||
| CVE-2018-20137 | 1 Thedaylightstudio | 1 Fuel Cms | 2019-01-03 | 3.5 LOW | 4.8 MEDIUM |
| XSS exists in FUEL CMS 1.4.3 via the Page title, Meta description, or Meta keywords during page data management, as demonstrated by the pages/edit/1?lang=english URI. | |||||
| CVE-2018-19817 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/AdminAuthorisationFrame.jsp" has reflected XSS via the ConnPoolName or GroupId parameter. | |||||
| CVE-2018-19818 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Contacts.jsp" has reflected XSS via the ConnPoolName parameter. | |||||
| CVE-2018-19820 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/Roles.jsp" has reflected XSS via the ConnPoolName parameter. | |||||
| CVE-2018-19821 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SecurityPolicies.jsp" has reflected XSS via the ConnPoolName parameter. | |||||
| CVE-2018-19822 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/SharedCriteria.jsp" has reflected XSS via the ConnPoolName or GroupId parameter. | |||||
| CVE-2018-19766 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "GroupRessourceAdmin.jsp" has reflected XSS via the ConnPoolName parameter. | |||||
| CVE-2018-19771 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPool.jsp" has reflected XSS via the PropName parameter. | |||||
| CVE-2018-19810 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/GroupMove.jsp" has reflected XSS via the ConnPoolName, GroupId, or type parameter. | |||||
| CVE-2018-19769 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "UserProperties.jsp" has reflected XSS via the ConnPoolName parameter. | |||||
| CVE-2018-19649 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in InfoVista VistaPortal SE Version 5.1 (build 51029). VPortal/mgtconsole/RolePermissions.jsp has reflected XSS via the ConnPoolName parameter. | |||||
| CVE-2018-19809 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "/VPortal/mgtconsole/GroupCopy.jsp" has reflected XSS via the ConnPoolName, GroupId, or type parameter. | |||||