• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-10580

February 26, 2023 by

The “Latest Posts on Profile” plugin 1.1 for MyBB has XSS because there is an added section in a user profile that displays that user’s most recent posts without sanitizing the tsubject (aka thread subject) field.

CVE-2018-10586

February 26, 2023 by

NetGain Enterprise Manager (EM) is affected by multiple Stored Cross-Site Scripting (XSS) vulnerabilities in versions before 10.1.12.

CVE-2018-10527

February 26, 2023 by

EasyCMS 1.3 is prone to Stored XSS when posting an article; four fields are affected: title, keyword, abstract, and content, as demonstrated by the /admin/index/index.html#listarticle URI.

CVE-2018-10547

February 26, 2023 by

An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712.

CVE-2018-10554

February 26, 2023 by

An issue was discovered in Nagios XI 5.4.13. There is XSS exploitable via CSRF in (1) the Schedule New Report screen via the hour, minute, or ampm parameter, related to components/scheduledreporting; (2) includes/components/xicore/downtime.php, related to the update_pages function; (3) the ajaxhelper.php opts or background parameter; (4) the i[] array parameter to ajax_handler.php; or (5) the deploynotification.php title parameter.

CVE-2018-10422

February 26, 2023 by

An issue was discovered in HongCMS 3.0.0. The post news feature has Stored XSS via the content field.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 526
  • Go to page 527
  • Go to page 528
  • Go to page 529
  • Go to page 530
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE