• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-20121

February 26, 2023 by

Podcast Generator 2.7 has stored cross-site scripting (XSS) via the URL addcategory parameter.

CVE-2018-2004

February 26, 2023 by

IBM Jazz Reporting Service (JRS) 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 155006.

CVE-2018-19992

February 26, 2023 by

A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the “address” (POST) or “town” (POST) parameter to adherents/type.php.

CVE-2018-19993

February 26, 2023 by

A reflected cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the transphrase parameter to public/notice.php.

CVE-2018-19995

February 26, 2023 by

A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the “address” (POST) or “town” (POST) parameter to user/card.php.

CVE-2018-20006

February 26, 2023 by

An issue was discovered in PHPok v5.0.055. There is a Stored XSS vulnerability via the title parameter to api.php?c=post&f=save (reachable via the index.php?id=book URI).

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 334
  • Go to page 335
  • Go to page 336
  • Go to page 337
  • Go to page 338
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE