• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-15740

February 26, 2023 by

Zoho ManageEngine ADManager Plus 6.5.7 has XSS on the “Workflow Delegation” “Requester Roles” screen.

CVE-2018-15676

February 26, 2023 by

An issue was discovered in BTITeam XBTIT. By using String.replace and eval, it is possible to bypass the includes/crk_protection.php anti-XSS mechanism that looks for a number of dangerous fingerprints.

CVE-2018-15677

February 26, 2023 by

The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has stored XSS via the title of a news item. This is also exploitable via CSRF.

CVE-2018-15678

February 26, 2023 by

An issue was discovered in BTITeam XBTIT 2.5.4. The “act” parameter in the sign-up page available at /index.php?page=signup is vulnerable to reflected cross-site scripting.

CVE-2018-15679

February 26, 2023 by

An issue was discovered in BTITeam XBTIT 2.5.4. The “keywords” parameter in the search function available at /index.php?page=forums&action=search is vulnerable to reflected cross-site scripting.

CVE-2018-15699

February 26, 2023 by

ASUSTOR Data Master 3.1.5 and below makes an HTTP request for a configuration file that is vulnerable to XSS. A man in the middle can take advantage of this by inserting Javascript into the configuration files Version field.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 444
  • Go to page 445
  • Go to page 446
  • Go to page 447
  • Go to page 448
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE