• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-14888

February 26, 2023 by

inc/plugins/thankyoulike.php in the Eldenroot Thank You/Like plugin before 3.1.0 for MyBB allows XSS via a post or thread subject.

CVE-2018-1483

February 26, 2023 by

IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 140918.

CVE-2018-14835

February 26, 2023 by

Subrion CMS v4.2.1 is vulnerable to Stored XSS because of no escaping added to the tooltip information being displayed in multiple areas.

CVE-2018-14837

February 26, 2023 by

Wolf CMS 0.8.3.1 has XSS in the Snippets tab, as demonstrated by a ?/admin/snippet/edit/1 URI.

CVE-2018-14838

February 26, 2023 by

rejucms 2.1 has stored XSS via the admin/book.php content parameter.

CVE-2018-14840

February 26, 2023 by

uploads/.htaccess in Subrion CMS 4.2.1 allows XSS because it does not block .html file uploads (but does block, for example, .htm file uploads).

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 465
  • Go to page 466
  • Go to page 467
  • Go to page 468
  • Go to page 469
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE