• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-18069

February 26, 2023 by

process_forms in the WPML (aka sitepress-multilingual-cms) plugin through 3.6.3 for WordPress has XSS via any locale_file_name_ parameter (such as locale_file_name_en) in an authenticated theme-localization.php request to wp-admin/admin.php.

CVE-2018-18082

February 26, 2023 by

XSS exists in Waimai Super Cms 20150505 via the fname parameter to the admin.php?m=Food&a=addsave or admin.php?m=Food&a=editsave URI.

CVE-2018-18087

February 26, 2023 by

The Bixie Portfolio plugin 1.2.0 for Pagekit has XSS: a logged-in user who has the “Manage portfolio” privilege can inject arbitrary web script or HTML via the Image URL field in the portfolio editor. The vulnerability is triggered by visiting /portfolio/${project_title}.

CVE-2018-1798

February 26, 2023 by

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 149428.

CVE-2018-17981

February 26, 2023 by

Lifesize Express ls ex2_4.7.10 2000 (14) devices allow XSS via the interface/interface.php brand parameter.

CVE-2018-17989

February 26, 2023 by

A stored XSS vulnerability exists in the web interface on D-Link DSL-3782 devices with firmware 1.01 that allows authenticated attackers to inject a JavaScript or HTML payload inside the ACL page. The injected payload would be executed in a user’s browser when “/cgi-bin/New_GUI/Acl.asp” is requested.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 392
  • Go to page 393
  • Go to page 394
  • Go to page 395
  • Go to page 396
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE