• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-9235

February 26, 2023 by

iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php.

CVE-2018-9236

February 26, 2023 by

iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the “Site title” field.

CVE-2018-9237

February 26, 2023 by

iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the “Site Description” field.

CVE-2018-9238

February 26, 2023 by

proberv.php in Yahei-PHP Proberv 0.4.7 has XSS via the funName parameter.

CVE-2018-9243

February 26, 2023 by

GitLab Community and Enterprise Editions version 8.4 up to 10.4 are vulnerable to XSS because a lack of input validation in the merge request component leads to cross site scripting (specifically, filenames in changes tabs of merge requests). This is fixed in 10.6.3, 10.5.7, and 10.4.7.

CVE-2018-9244

February 26, 2023 by

GitLab Community and Enterprise Editions version 9.2 up to 10.4 are vulnerable to XSS because a lack of input validation in the milestones component leads to cross site scripting (specifically, data-milestone-id in the milestone dropdown feature). This is fixed in 10.6.3, 10.5.7, and 10.4.7.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 229
  • Go to page 230
  • Go to page 231
  • Go to page 232
  • Go to page 233
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE