• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-9173

February 26, 2023 by

Cross-site scripting (XSS) vulnerability in admin/template/js/uploadify/uploadify.swf in GetSimple CMS 3.3.13 allows remote attackers to inject arbitrary web script or HTML, as demonstrated by the movieName parameter.

CVE-2018-9177

February 26, 2023 by

Twonky Server before 8.5.1 has XSS via a folder name on the Shared Folders screen.

CVE-2018-9182

February 26, 2023 by

Twonky Server before 8.5.1 has XSS via a modified “language” parameter in the Language section.

CVE-2018-9183

February 26, 2023 by

The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS.

CVE-2018-9103

February 26, 2023 by

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 (21.84.5535.0) and earlier, and Mitel ST 14.2, versions GA27 (19.49.5200.0) and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the signin.php page. A successful exploit could allow an attacker to execute arbitrary scripts.

CVE-2018-9104

February 26, 2023 by

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 (21.84.5535.0) and earlier, and Mitel ST 14.2, versions GA27 (19.49.5200.0) and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the api.php page. A successful exploit could allow an attacker to execute arbitrary scripts.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 231
  • Go to page 232
  • Go to page 233
  • Go to page 234
  • Go to page 235
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE