• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-19461

February 26, 2023 by

admindbDoSql.php in EmpireCMS through 7.5 allows XSS via crafted SQL syntax to admin/admin.php.

CVE-2018-19464

February 26, 2023 by

Discuz! X3.4 allows XSS via admin.php because admincp/admincp_setting.php and templatedefaultcommonfooter.htm mishandles statcode field from third-party stats code.

CVE-2018-19465

February 26, 2023 by

Maccms through 8.0 allows XSS via the site_keywords field to index.php?m=system-config because of tpl/module/system.php and tpl/html/system_config.html, related to template/paody/html/vod_index.html.

CVE-2018-19469

February 26, 2023 by

ArticleCMS through 2017-02-19 has XSS via the /update_personal_infomation realname or email parameter.

CVE-2018-1947

February 26, 2023 by

IBM Security Identity Governance and Intelligence 5.2 through 5.2.4.1 Virtual Appliance is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 153427.

CVE-2018-19394

February 26, 2023 by

Cobham Satcom Sailor 800 and 900 devices contained persistent XSS, which required administrative access to exploit. The vulnerability was exploitable by acquiring a copy of the device’s configuration file, inserting an XSS payload into a relevant field (e.g., Satellite name), and then restoring the malicious configuration file.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 355
  • Go to page 356
  • Go to page 357
  • Go to page 358
  • Go to page 359
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE