• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-12943

February 26, 2023 by

Cross-Site Scripting (XSS) vulnerability in every page that includes the “action” URL parameter in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows remote attackers to inject arbitrary web script or HTML via the action parameter.

CVE-2018-12944

February 26, 2023 by

Persistent Cross-Site Scripting (XSS) vulnerability in the “Categories” feature in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8 allows remote attackers to inject arbitrary web script or HTML via the name field.

CVE-2018-12973

February 26, 2023 by

An issue was discovered in OpenTSDB 2.3.0. There is XSS in parameter ‘json’ to the /q URI.

CVE-2018-12981

February 26, 2023 by

An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. The vulnerability can be exploited by authenticated and unauthenticated users by sending special crafted requests to the web server allowing injecting code within the WBM. The code will be rendered and/or executed in the browser of the user’s browser.

CVE-2018-12992

February 26, 2023 by

An issue was discovered CMS MaeloStore V.1.5.0. There is stored XSS in the Telephone field of the admin interface.

CVE-2018-12996

February 26, 2023 by

A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager before 13 (Build 13800) allows remote attackers to inject arbitrary web script or HTML via the parameter ‘method’ to GraphicalView.do.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 491
  • Go to page 492
  • Go to page 493
  • Go to page 494
  • Go to page 495
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE