• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-16654

February 26, 2023 by

Zurmo 3.2.4 Stable allows XSS via app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1.

CVE-2018-16655

February 26, 2023 by

Gxlcms 1.0 has XSS via the PATH_INFO to gx/lib/ThinkPHP/Tpl/ThinkException.tpl.php.

CVE-2018-1667

February 26, 2023 by

IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 144893.

CVE-2018-1671

February 26, 2023 by

IBM Curam Social Program Management 7.0.3 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim’s Web browser within the security context of the hosting site. IBM X-force ID: 144951.

CVE-2018-16623

February 26, 2023 by

Kirby V2.5.12 is prone to a Persistent XSS attack via the Title of the “Site options” in the admin panel dashboard dropdown.

CVE-2018-16624

February 26, 2023 by

panel/pages/home/edit in Kirby v2.5.12 allows XSS via the title of a new page.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 421
  • Go to page 422
  • Go to page 423
  • Go to page 424
  • Go to page 425
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE