• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-18674

February 26, 2023 by

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the “board tail contents” parameter, aka the adm/board_form_update.php bo_content_tail parameter.

CVE-2018-18675

February 26, 2023 by

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the “mobile board title contents” parameter, aka the adm/board_form_update.php bo_mobile_subject parameter.

CVE-2018-18676

February 26, 2023 by

GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the “mobile board tail contents” parameter, aka the adm/board_form_update.php bo_mobile_content_tail parameter.

CVE-2018-18678

February 26, 2023 by

GNUBOARD5 before 5.3.2.0 has XSS that allows remote attackers to inject arbitrary web script or HTML via the “board group extra contents” parameter, aka the adm/boardgroup_form_update.php gr_1~10 parameter.

CVE-2018-18692

February 26, 2023 by

A reflected Cross-Site scripting (XSS) vulnerability in SEMCO Semcosoft 5.3 allows remote attackers to inject arbitrary web scripts or HTML via the username parameter to the Login Form.

CVE-2018-18608

February 26, 2023 by

DedeCMS 5.7 SP2 allows XSS via the function named GetPageList defined in the include/datalistcp.class.php file that is used to display the page numbers list at the bottom of some templates, as demonstrated by the PATH_INFO to /member/index.php, /member/pm.php, /member/content_list.php, or /plus/feedback.php.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 378
  • Go to page 379
  • Go to page 380
  • Go to page 381
  • Go to page 382
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE