• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-19091

February 26, 2023 by

tianti 2.3 has reflected XSS in the user management module via the tianti-module-admin/user/list userName parameter.

CVE-2018-19092

February 26, 2023 by

An issue was discovered in YzmCMS v5.2. It has XSS via a search/index/archives/pubtime/ query string, as demonstrated by the search/index/archives/pubtime/1526387722/page/1.html URI. NOTE: this does not obtain a user’s cookie.

CVE-2018-1910

February 26, 2023 by

IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152734.

CVE-2018-19041

February 26, 2023 by

The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.

CVE-2018-19048

February 26, 2023 by

Simditor through 2.3.21 allows DOM XSS via an onload attribute within a malformed SVG element.

CVE-2018-19050

February 26, 2023 by

MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword langset parameter.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 365
  • Go to page 366
  • Go to page 367
  • Go to page 368
  • Go to page 369
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE