• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-5124

February 26, 2023 by

Unsanitized output in the browser UI leaves HTML tags in place and can result in arbitrary code execution in Firefox before version 58.0.1.

CVE-2018-5143

February 26, 2023 by

URLs using “javascript:” have the protocol removed when pasted into the addressbar to protect users from cross-site scripting (XSS) attacks, but if a tab character is embedded in the “javascript:” URL the protocol is not removed and the script will execute. This could allow users to be socially engineered to run an XSS attack against themselves. This vulnerability affects Firefox < 59.

CVE-2018-5071

February 26, 2023 by

Persistent XSS exists in the web server on Cobham Sea Tel 116 build 222429 satellite communication system devices: remote attackers can inject malicious JavaScript code using the device’s TELNET shell built-in commands, as demonstrated by the “set ship name” command. This is similar to a Cross Protocol Injection with SNMP.

CVE-2018-5072

February 26, 2023 by

Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter.

CVE-2018-5074

February 26, 2023 by

Online Ticket Booking has XSS via the admin/manageownerlist.php contact parameter.

CVE-2018-5075

February 26, 2023 by

Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 292
  • Go to page 293
  • Go to page 294
  • Go to page 295
  • Go to page 296
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE