• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-16804

February 26, 2023 by

An issue was discovered in UCMS 1.4.6. There is XSS in the title bar, as demonstrated by a do=list request.

CVE-2018-16805

February 26, 2023 by

In b3log Solo 2.9.3, XSS in the Input page under the Publish Articles menu, with an ID of linkAddress stored in the link JSON field, allows remote attackers to inject arbitrary Web scripts or HTML via a crafted site name provided by an administrator.

CVE-2018-16808

February 26, 2023 by

An issue was discovered in Dolibarr through 7.0.0. There is Stored XSS in expensereport/card.php in the expense reports plugin via the comments parameter, or a public or private note.

CVE-2018-16833

February 26, 2023 by

Zoho ManageEngine Desktop Central 10.0.271 has XSS via the “Features & Articles” search field to the /advsearch.do?SUBREQUEST=XMLHTTP URI.

CVE-2018-16759

February 26, 2023 by

The removeXSS function in App/Common/common.php (called from App/Modules/Index/Action/SearchAction.class.php) in EasyCMS v1.4 allows XSS via an onhashchange event.

CVE-2018-1676

February 26, 2023 by

IBM Planning Analytics 2.0.0 through 2.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 145118.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 417
  • Go to page 418
  • Go to page 419
  • Go to page 420
  • Go to page 421
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE