• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-8978

February 26, 2023 by

Open-AudIT Professional 2.1 has XSS via a crafted src attribute of an IMG element within a URI.

CVE-2018-8979

February 26, 2023 by

Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a user account or inserting XSS sequences via the credentials URI.

CVE-2018-9015

February 26, 2023 by

dsmall v20180320 allows XSS via the public/index.php/home/predeposit/index.html pdr_sn parameter (aka the CMS search box).

CVE-2018-8924

February 26, 2023 by

Cross-site scripting (XSS) vulnerability in Title Tootip in Synology Office before 3.0.3-2143 allows remote authenticated users to inject arbitrary web script or HTML via the malicious file name.

CVE-2018-8928

February 26, 2023 by

Cross-site scripting (XSS) vulnerability in Address Book Editor in Synology CardDAV Server before 6.0.8-0086 allows remote authenticated users to inject arbitrary web script or HTML via the (1) family_name, (2) given_name, or (3) additional_name parameter.

CVE-2018-8942

February 26, 2023 by

Xiuno BBS 4.0.0 has XSS in the adminpage sitename parameter.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 235
  • Go to page 236
  • Go to page 237
  • Go to page 238
  • Go to page 239
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE