• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-7355

February 26, 2023 by

All versions up to V1.0.0B05 of ZTE MF65 and all versions up to V1.0.0B02 of ZTE MF65M1 are impacted by cross-site scripting vulnerability. Due to improper neutralization of input during web page generation, an attacker could exploit this vulnerability to conduct reflected XSS or HTML injection attacks on the devices.

CVE-2018-7265

February 26, 2023 by

Shimmie 2 2.6.0 allows an attacker to upload a crafted SVG file that enables stored XSS.

CVE-2018-7274

February 26, 2023 by

Yab Quarx through 2.4.3 is prone to multiple persistent cross-site scripting vulnerabilities: Blog (Title), FAQ (Question), Pages (Title), Widgets (Name), and Menus (Name).

CVE-2018-7277

February 26, 2023 by

An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device’s BACnet implementation. This is similar to a Cross Protocol Injection with SNMP.

CVE-2018-7278

February 26, 2023 by

An issue was discovered on RLE Protocol Converter FDS-PC / FDS-PC-DP 2.1 devices. Persistent XSS exists in the web server. Remote attackers can inject malicious JavaScript code using the device’s BACnet implementation. This is similar to a Cross Protocol Injection with SNMP.

CVE-2018-7280

February 26, 2023 by

The Ninja Forms plugin before 3.2.14 for WordPress has XSS.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 258
  • Go to page 259
  • Go to page 260
  • Go to page 261
  • Go to page 262
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE