• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-19051

February 26, 2023 by

MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword abt_type parameter.

CVE-2018-19056

February 26, 2023 by

pandao Editor.md 1.5.0 has DOM XSS via input starting with a “<<" substring, which is mishandled during construction of an A element.

CVE-2018-19057

February 26, 2023 by

SimpleMDE 1.11.2 has XSS via an onerror attribute of a crafted IMG element, or via certain input with [ and ( characters, which is mishandled during construction of an A element.

CVE-2018-18991

February 26, 2023 by

Reflected cross-site scripting (non-persistent) in SCADA WebServer (Versions prior to 2.03.0001) could allow an attacker to send a crafted URL that contains JavaScript, which can be reflected off the web application to the victim’s browser.

CVE-2018-18997

February 26, 2023 by

Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an attacker to display/execute the payload in a visitor browser.

CVE-2018-1900

February 26, 2023 by

IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152529.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 366
  • Go to page 367
  • Go to page 368
  • Go to page 369
  • Go to page 370
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE