Total
34649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-18781 | 1 Dedecms | 1 Dedecms | 2018-12-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| DedeCMS 5.7 SP2 allows XSS via the /member/uploads_select.php f or keyword parameter. | |||||
| CVE-2018-18782 | 1 Dedecms | 1 Dedecms | 2018-12-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/myfriend.php ftype parameter. | |||||
| CVE-2018-18579 | 1 Dedecms | 1 Dedecms | 2018-12-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/pm.php folder parameter. | |||||
| CVE-2018-18361 | 1 Nconsulting | 1 Nc-cms | 2018-12-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in nc-cms through 2017-03-10. index.php?action=edit_html allows XSS via the name parameter, as demonstrated by a value beginning with home_content and containing a crafted SRC attribute of an IMG element. | |||||
| CVE-2018-15312 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2018-12-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an authenticated user to execute JavaScript for the currently logged-in user. | |||||
| CVE-2018-18372 | 1 Kaasoft | 1 Library Cms | 2018-12-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Stored XSS vulnerability has been discovered in KAASoft Library CMS - Powerful Book Management System 2.1.1 via the /admin/book/create/ title parameter. | |||||
| CVE-2014-6071 | 1 Jquery | 1 Jquery | 2018-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| jQuery 1.4.2 allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to use of the text method inside after. | |||||
| CVE-2018-17964 | 1 Aryanic | 1 Highportal | 2018-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Aryanic HighPortal 12.5 has XSS via an Add Tags action. | |||||
| CVE-2018-15970 | 1 Adobe | 1 Experience Manager | 2018-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-15969 | 1 Adobe | 1 Experience Manager | 2018-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-15971 | 1 Adobe | 1 Experience Manager | 2018-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-15972 | 1 Adobe | 1 Experience Manager | 2018-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-15973 | 1 Adobe | 1 Experience Manager | 2018-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. | |||||
| CVE-2018-15538 | 1 Agentejo | 1 Cockpit | 2018-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Agentejo Cockpit has multiple Cross-Site Scripting vulnerabilities. | |||||
| CVE-2018-17533 | 1 Teltonika | 6 Rut900, Rut900 Firmware, Rut950 and 3 more | 2018-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| Teltonika RUT9XX routers with firmware before 00.05.01.1 are prone to cross-site scripting vulnerabilities in hotspotlogin.cgi due to insufficient user input sanitization. | |||||
| CVE-2018-18431 | 1 Destoon | 1 Destoon B2b | 2018-11-29 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in DESTOON B2B 7.0. XSS exists via certain text boxes to the admin.php?moduleid=2&action=add URI. | |||||
| CVE-2018-18430 | 1 Destoon | 1 Destoon B2b | 2018-11-29 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in DESTOON B2B 7.0. admin\setting.inc.php has XSS via the first text box to the admin.php URI. | |||||
| CVE-2018-18433 | 1 Destoon | 1 Destoon B2b | 2018-11-29 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in DESTOON B2B 7.0. admin/category.inc.php has XSS via the category[catname] parameter to the admin.php URI. | |||||
| CVE-2012-0587 | 1 Apple | 1 Iphone Os | 2018-11-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0588, and CVE-2012-0589. | |||||
| CVE-2012-0588 | 1 Apple | 1 Iphone Os | 2018-11-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebKit, as used in Apple iOS before 5.1, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2012-0586, CVE-2012-0587, and CVE-2012-0589. | |||||