Total
34649 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-10527 | 1 Easycms Project | 1 Easycms | 2018-06-05 | 3.5 LOW | 5.4 MEDIUM |
| EasyCMS 1.3 is prone to Stored XSS when posting an article; four fields are affected: title, keyword, abstract, and content, as demonstrated by the /admin/index/index.html#listarticle URI. | |||||
| CVE-2018-8149 | 1 Microsoft | 1 Sharepoint Server | 2018-06-05 | 3.5 LOW | 5.4 MEDIUM |
| An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8155, CVE-2018-8156, CVE-2018-8168. | |||||
| CVE-2018-8155 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2018-06-05 | 3.5 LOW | 5.4 MEDIUM |
| An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8149, CVE-2018-8156, CVE-2018-8168. | |||||
| CVE-2018-8156 | 1 Microsoft | 2 Project Server, Sharepoint Server | 2018-06-05 | 3.5 LOW | 5.4 MEDIUM |
| An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint, Microsoft Project Server. This CVE ID is unique from CVE-2018-8149, CVE-2018-8155, CVE-2018-8168. | |||||
| CVE-2018-8168 | 1 Microsoft | 1 Sharepoint Server | 2018-06-05 | 3.5 LOW | 5.4 MEDIUM |
| An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8149, CVE-2018-8155, CVE-2018-8156. | |||||
| CVE-2018-10259 | 1 Hrsale Project | 1 Hrsale | 2018-06-05 | 3.5 LOW | 5.4 MEDIUM |
| An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user. | |||||
| CVE-2018-10365 | 1 Threads To Link Project | 1 Threads To Link | 2018-06-05 | 3.5 LOW | 5.4 MEDIUM |
| An XSS issue was discovered in the Threads to Link plugin 1.3 for MyBB. When editing a thread, the user is given the option to convert the thread to a link. The thread link input box is not properly sanitized. | |||||
| CVE-2018-10364 | 1 Bigtreecms | 1 Bigtree Cms | 2018-06-05 | 3.5 LOW | 5.4 MEDIUM |
| BigTree before 4.2.22 has XSS in the Users management page via the name or company field. | |||||
| CVE-2018-10294 | 1 Flexense | 1 Diskboss | 2018-06-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Flexense DiskBoss Enterprise v7.4.28 to v9.1.16 has XSS. | |||||
| CVE-2018-10568 | 1 Flexense | 1 Disksorter | 2018-06-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in Flexense DiskSorter Enterprise from v9.5.12 to v10.7. | |||||
| CVE-2018-10567 | 1 Flexense | 1 Vx Search | 2018-06-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in Flexense VX Search Enterprise from v10.1.12 to v10.7. | |||||
| CVE-2018-10566 | 1 Flexense | 1 Dupscout | 2018-06-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in Flexense DupScout Enterprise from v10.0.18 to v10.7. | |||||
| CVE-2018-10565 | 1 Flexense | 1 Disksavvy | 2018-06-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in Flexense DiskSavvy Enterprise from v10.4 to v10.7. | |||||
| CVE-2018-10564 | 1 Flexense | 1 Diskpulse | 2018-06-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in Flexense DiskPulse Enterprise from v10.4 to v10.7. | |||||
| CVE-2018-10563 | 1 Flexense | 1 Syncbreeze | 2018-06-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| An XSS in Flexense SyncBreeze affects all versions (tested from SyncBreeze Enterprise from v10.1 to v10.7). | |||||
| CVE-2011-3841 | 1 Wpsymposiumpro | 1 Wp Symposium | 2018-06-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in uploadify/get_profile_avatar.php in the WP Symposium plugin before 11.12.08 for WordPress allows remote attackers to inject arbitrary web script or HTML via the uid parameter. | |||||
| CVE-2014-3110 | 1 Honeywell | 2 Falcon Xlweb Linux Controller, Falcon Xlweb Xlwebexe | 2018-05-27 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities on Honeywell FALCON XLWeb Linux controller devices 2.04.01 and earlier and FALCON XLWeb XLWebExe controller devices 2.02.11 and earlier allow remote attackers to inject arbitrary web script or HTML via invalid input. | |||||
| CVE-2018-1473 | 1 Ibm | 1 Bigfix Platform | 2018-05-25 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 140691. | |||||
| CVE-2018-1363 | 1 Ibm | 1 Jazz Reporting Service | 2018-05-25 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137448. | |||||
| CVE-2017-1750 | 1 Ibm | 1 Jazz Reporting Service | 2018-05-25 | 3.5 LOW | 5.4 MEDIUM |
| IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 135523. | |||||