• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-8832

February 26, 2023 by

enhavo 0.4.0 has XSS via a user-group that contains executable JavaScript code in the user-group name. The XSS attack launches when a victim visits the admin user group page.

CVE-2018-8846

February 26, 2023 by

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is then served to other users.

CVE-2018-8805

February 26, 2023 by

Yxcms building system (compatible cell phone) v1.4.7 has XSS via the content parameter to protectedappsdefaultviewdefaultextend_guestbook.php or protectedappsdefaultviewmobileextend_guestbook.php in an index.php?r=default/column/index&col=guestbook request.

CVE-2018-8815

February 26, 2023 by

Cross-site scripting (XSS) vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote attackers to inject arbitrary web script or HTML via a malicious SVG image.

CVE-2018-8737

February 26, 2023 by

Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers “Book Me” function. Within the Name and Note (aka custName and custNote) sections of the Customers screen, the application does not sanitize user-supplied input and renders injected JavaScript code to the user’s browser.

CVE-2018-8738

February 26, 2023 by

Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 239
  • Go to page 240
  • Go to page 241
  • Go to page 242
  • Go to page 243
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE