• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-11588

February 26, 2023 by

Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an authenticated user injecting a payload into the username or command description, resulting in stored XSS. This is related to www/include/core/menu/menu.php and www/include/configuration/configObject/command/formArguments.php.

CVE-2018-11627

February 26, 2023 by

Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.

CVE-2018-11628

February 26, 2023 by

Data input into EMS Master Calendar before 8.0.0.201805210 via URL parameters is not properly sanitized, allowing malicious attackers to send a crafted URL for XSS.

CVE-2018-11552

February 26, 2023 by

There is a reflected XSS vulnerability in AXON PBX 2.02 via the “AXON->Auto-Dialer->Agents->Name” field. The vulnerability exists due to insufficient filtration of user-supplied data. A remote attacker can execute arbitrary HTML and script code in a browser in the context of the vulnerable application.

CVE-2018-11553

February 26, 2023 by

SGIN.CN xiangyun platform V9.4.10 has XSS via the login_url parameter to /login.php.

CVE-2018-11557

February 26, 2023 by

YIBAN Easy class education platform 2.0 has XSS via the articlelist.php k parameter.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 509
  • Go to page 510
  • Go to page 511
  • Go to page 512
  • Go to page 513
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE