• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-79

CVE-2018-10313

February 26, 2023 by

WUZHI CMS 4.1.0 allows persistent XSS via the form%5Bqq_10%5D parameter to the /index.php?m=member&f=index&v=profile&set_iframe=1 URI.

CVE-2018-10227

February 26, 2023 by

MiniCMS v1.10 has XSS via the mc-admin/conf.php site_link parameter.

CVE-2018-10228

February 26, 2023 by

Cross-site scripting (XSS) vulnerability in /application/controller/admin/theme.php in LimeSurvey 3.6.2+180406 allows remote attackers to inject arbitrary web script or HTML via the changes_cp parameter to the index.php/admin/themes/sa/templatesavechanges URI.

CVE-2018-10230

February 26, 2023 by

Zend Debugger in Zend Server before 9.1.3 has XSS, aka ZSR-2455.

CVE-2018-10231

February 26, 2023 by

Cross-site scripting (XSS) vulnerability in TOPdesk before 8.05.017 (June 2018 version) and before 5.7.SR9 allows remote attackers to inject arbitrary web script or HTML via unspecified parameters.

CVE-2018-10234

February 26, 2023 by

Authenticated Cross site Scripting exists in the User Profile & Membership plugin before 2.0.11 for WordPress via the “Account Deletion Custom Text” input field on the wp-admin/admin.php?page=um_options&section=account page.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 533
  • Go to page 534
  • Go to page 535
  • Go to page 536
  • Go to page 537
  • Interim pages omitted …
  • Go to page 2216
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE