• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-16234

February 26, 2023 by

MorningStar WhatWeb 0.4.9 has XSS via JSON report files.

CVE-2018-16235

February 26, 2023 by

Telligent Community 6.x, 7.x, 8.x, 9.x before 9.2.10.11796, 10.1.x before 10.1.10.11792, and 10.2.x before 10.2.3.4725 has XSS via the Feed RSS widget.

CVE-2018-16236

February 26, 2023 by

cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering.

CVE-2018-16243

February 26, 2023 by

SolarWinds Database Performance Analyzer (DPA) 11.1.468 and 12.0.3074 have several persistent XSS vulnerabilities, related to logViewer.iwc, centralManage.cen, userAdministration.iwc, database.iwc, alertManagement.iwc, eventAnnotations.iwc, and central.cen.

CVE-2018-16247

February 26, 2023 by

YzmCMS 5.1 has XSS via the admin/system_manage/user_config_add.html title parameter.

CVE-2018-16248

February 26, 2023 by

b3log Solo 2.9.3 has XSS in the Input page under the “Publish Articles” menu with an ID of “articleTags” stored in the “tag” JSON field, which allows remote attackers to inject arbitrary Web scripts or HTML via a carefully crafted site name in an admin-authenticated HTTP request.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 434
  • Go to page 435
  • Go to page 436
  • Go to page 437
  • Go to page 438
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE