| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A use of hard-coded credentials vulnerability [CWE-798] in FortiTester 2.3.0 through 7.2.3 may allow an attacker who managed to get a shell on the device to access the database via shell commands. |
| Stored cross-site scripting vulnerability in Map setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script. |
| IBM Content Navigator 3.0.11, 3.0.13, and 3.0.14 with IBM Daeja ViewOne Virtual is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 264019. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Groundhogg Inc. Groundhogg plugin <= 2.7.11.10 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Vertical marquee plugin <= 7.1 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics plugin <= 5.0.8 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PluginOps Landing Page Builder plugin <= 1.5.1.2 versions. |
| Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in twinpictures, baden03 Collapse-O-Matic plugin <= 1.8.5.5 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd plugin <= 2.16.0 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lasso Simple URLs plugin <= 117 versions. |
| Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Pdfcrowd Save as Image plugin by Pdfcrowd plugin <= 2.16.0 versions. |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RedNao Donations Made Easy – Smart Donations plugin <= 4.0.12 versions. |
| A reflected XSS vulnerability was discovered in the Easy Quick Contact module for Joomla. |
| A reflected XSS vulnerability was discovered in the Clicky Analytics Dashboard module for Joomla. |
| A reflected XSS vulnerability was discovered in the Joomdoc component for Joomla. |
| A reflected XSS vulnerability was discovered in the Quickform component for Joomla. |
| A reflected XSS vulnerability was discovered in the Extplorer component for Joomla. |
| A reflected XSS vulnerability was discovered in the LivingWord component for Joomla. |
| SAP NetWeaver AS ABAP (applications based on Unified Rendering) - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, SAP_BASIS 702, SAP_BASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-application. An attacker could thereby control the behavior of this web-application.
|
| A reflected cross-site scripting (XSS) vulnerability in OpenKnowledgeMaps Head Start versions 4, 5, 6, 7 as well as Visual Project Explorer 1.0, allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload into the 'service' parameter in 'headstart_snapshot.php'. |
