• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-6010

February 26, 2023 by

In Yii Framework 2.x before 2.0.14, remote attackers could obtain potentially sensitive information from exception messages, or exploit reflected XSS on the error handler page in non-debug mode. Related to base/ErrorHandler.php, log/Dispatcher.php, and views/errorHandler/exception.php.

CVE-2018-6013

February 26, 2023 by

Cross-site scripting (XSS) in BigTree 4.2.19 allows any remote users to inject arbitrary web script or HTML via the directory parameter. This issue exists in core/admin/ajax/developer/extensions/file-browser.php.

CVE-2018-5950

February 26, 2023 by

Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.

CVE-2018-5961

February 26, 2023 by

CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has XSS via the `module` value of the `index.php` file.

CVE-2018-5962

February 26, 2023 by

index.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has XSS via the id parameter to the phpini_editor module or the email_address parameter to the mail_add-new module.

CVE-2018-5963

February 26, 2023 by

CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/addbookmark.php via the title parameter.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 277
  • Go to page 278
  • Go to page 279
  • Go to page 280
  • Go to page 281
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE