• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-12901

February 26, 2023 by

A vulnerability in the conferencing component of Mitel ST 14.2, versions GA29 (19.49.9400.0) and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the signin.php page. A successful exploit could allow an attacker to execute arbitrary scripts.

CVE-2018-12902

February 26, 2023 by

In Easy Magazine through 2012-10-26, there is XSS in the search bar of the web site.

CVE-2018-12903

February 26, 2023 by

In CyberArk Endpoint Privilege Manager (formerly Viewfinity) 10.2.1.603, there is persistent XSS via an account name on the create token screen, the VfManager.asmx SelectAccounts->DisplayName screen, a user’s groups in ConfigurationPage, the Dialog Title field, and App Group Name in the Application Group Wizard.

CVE-2018-12905

February 26, 2023 by

joyplus-cms 1.6.0 has XSS in admin_player.php, related to manager/index.php “system manage” and “add” actions.

CVE-2018-12919

February 26, 2023 by

In CraftedWeb through 2013-09-24, aasp_includes/pages/notice.php allows XSS via the e parameter.

CVE-2018-12806

February 26, 2023 by

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 492
  • Go to page 493
  • Go to page 494
  • Go to page 495
  • Go to page 496
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE