• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-19287

February 26, 2023 by

XSS in the Ninja Forms plugin before 3.3.18 for WordPress allows Remote Attackers to execute JavaScript via the includes/Admin/Menus/Submissions.php (aka submissions page) begin_date, end_date, or form_id parameter.

CVE-2018-19288

February 26, 2023 by

Zoho ManageEngine OpManager 12.3 before Build 123223 has XSS via the updateWidget API.

CVE-2018-19195

February 26, 2023 by

An issue was discovered in XiaoCms 20141229. There is XSS related to the templatedefaultshow_product.html file.

CVE-2018-19201

February 26, 2023 by

A reflected XSS vulnerability in the ModCP Profile Editor in MyBB before 1.8.20 allows remote attackers to inject JavaScript via the ‘username’ parameter.

CVE-2018-19202

February 26, 2023 by

A reflected XSS vulnerability in index.php in MyBB 1.8.x through 1.8.19 allows remote attackers to inject JavaScript via the ‘upsetting[bburl]’ parameter.

CVE-2018-19206

February 26, 2023 by

steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of , as demonstrated by an onload attribute in a BODY element, within an HTML attachment.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 359
  • Go to page 360
  • Go to page 361
  • Go to page 362
  • Go to page 363
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE