• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-16362

February 26, 2023 by

An issue was discovered in the Source Integration plugin before 1.5.9 and 2.x before 2.1.5 for MantisBT. A cross-site scripting (XSS) vulnerability in the Manage Repository and Changesets List pages allows execution of arbitrary code (if CSP settings permit it) via repo_manage_page.php or list.php.

CVE-2018-16363

February 26, 2023 by

The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_file_manager request because set_transient is used in file_folder_manager.php and there is an echo of lang in libwpfilemanager.php.

CVE-2018-16313

February 26, 2023 by

Bludit 2.3.4 allows XSS via a user name.

CVE-2018-16316

February 26, 2023 by

A stored Cross-site scripting (XSS) vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field.

CVE-2018-16324

February 26, 2023 by

In IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ username field.

CVE-2018-16325

February 26, 2023 by

There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 431
  • Go to page 432
  • Go to page 433
  • Go to page 434
  • Go to page 435
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE