• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-17904

February 26, 2023 by

Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior. This vulnerability could allow an unauthorized attacker to inject arbitrary code.

CVE-2018-1793

February 26, 2023 by

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using SAML ear is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 148948.

CVE-2018-17865

February 26, 2023 by

** UNSUPPORTED WHEN ASSIGNED ** A cross-site scripting (XSS) vulnerability in SAP J2EE Engine 7.01 allows remote attackers to inject arbitrary web script via the wsdlPath parameter to /ctcprotocol/Protocol. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE-2018-17866

February 26, 2023 by

Multiple cross-site scripting (XSS) vulnerabilities in includes/core/um-actions-login.php in the “Ultimate Member – User Profile & Membership” plugin before 2.0.28 for WordPress allow remote attackers to inject arbitrary web script or HTML via the “Primary button Text” or “Second button text” field.

CVE-2018-17868

February 26, 2023 by

DASAN H660GW devices have Stored XSS in the Port Forwarding functionality.

CVE-2018-17874

February 26, 2023 by

ExpressionEngine before 4.3.5 has reflected XSS.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 395
  • Go to page 396
  • Go to page 397
  • Go to page 398
  • Go to page 399
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE