Export limit exceeded: 45283 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45283 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-6905 | 1 Typo3 | 1 Typo3 | 2024-11-21 | N/A |
| The page module in TYPO3 before 8.7.11, and 9.1.0, has XSS via $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], as demonstrated by an admin entering a crafted site name during the installation process. | ||||
| CVE-2018-6904 | 1 Car Rental Script Project | 1 Car Rental Script | 2024-11-21 | N/A |
| PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action. | ||||
| CVE-2018-6902 | 1 Image Sharing Script Project | 1 Image Sharing Script | 2024-11-21 | N/A |
| PHP Scripts Mall Image Sharing Script 1.3.3 has XSS via the Full Name field in an Edit Profile action. | ||||
| CVE-2018-6900 | 1 Website Broker Script Project | 1 Website Broker Script | 2024-11-21 | N/A |
| PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name field on the My Profile page. | ||||
| CVE-2018-6891 | 1 Booking-wp-plugin | 1 Bookly | 2024-11-21 | 6.1 Medium |
| Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via a jQuery.ajax request to ng-payment_details_dialog.js. | ||||
| CVE-2018-6890 | 1 Wolfcms | 1 Wolf Cms | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the page editing feature, as demonstrated by /?/admin/page/edit/3. | ||||
| CVE-2018-6878 | 1 Hot Scripts Clone Project | 1 Hot Scripts Clone | 2024-11-21 | N/A |
| Cross Site Scripting (XSS) exists in the review section in PHP Scripts Mall Hot Scripts Clone Script Classified 3.1 via the title or description field. | ||||
| CVE-2018-6870 | 1 Website Seller Script Project | 1 Website Seller Script | 2024-11-21 | N/A |
| Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature. | ||||
| CVE-2018-6868 | 1 Groupon Clone Script Project | 1 Groupon Clone Script | 2024-11-21 | N/A |
| Cross Site Scripting (XSS) exists in PHP Scripts Mall Slickdeals / DealNews / Groupon Clone Script 3.0.2 via a User Profile Field parameter. | ||||
| CVE-2018-6866 | 1 Learning And Examination Management System Script Project | 1 Learning And Examination Management System Script | 2024-11-21 | N/A |
| Cross Site Scripting (XSS) exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message. | ||||
| CVE-2018-6864 | 1 Multireligion Responsive Matrimonial Project | 1 Multireligion Responsive Matrimonial | 2024-11-21 | N/A |
| Cross Site Scripting (XSS) exists in PHP Scripts Mall Multi religion Responsive Matrimonial 4.7.2 via a user profile update parameter. | ||||
| CVE-2018-6862 | 1 Bitcoin Mlm Project | 1 Bitcoin Mlm | 2024-11-21 | N/A |
| Cross Site Scripting (XSS) exists in PHP Scripts Mall Bitcoin MLM Software 1.0.2 via a profile field. | ||||
| CVE-2018-6861 | 1 Lawyer Search Script Project | 1 Lawyer Search Script | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) exists in PHP Scripts Mall Lawyer Search Script 1.0.2 via a profile update parameter. | ||||
| CVE-2018-6858 | 1 Facebook Clone Script Project | 1 Facebook Clone Script | 2024-11-21 | 5.4 Medium |
| Cross Site Scripting (XSS) exists in PHP Scripts Mall Facebook Clone Script. | ||||
| CVE-2018-6845 | 1 Olx Clone Script Project | 1 Olx Clone Script | 2024-11-21 | 6.1 Medium |
| PHP Scripts Mall Multi Language Olx Clone Script 2.0.6 has XSS via the Leave Comment field. | ||||
| CVE-2018-6844 | 1 Mybb | 1 Mybb | 2024-11-21 | N/A |
| MyBB 1.8.14 has XSS via the Title or Description field on the Edit Forum screen. | ||||
| CVE-2018-6834 | 1 Etherpad | 1 Etherpad Lite | 2024-11-21 | N/A |
| static/js/pad_utils.js in Etherpad Lite before v1.6.3 has XSS via window.location.href. | ||||
| CVE-2018-6825 | 1 Omninova | 2 Vobot, Vobot Firmware | 2024-11-21 | N/A |
| An issue was discovered on VOBOT CLOCK before 0.99.30 devices. An SSH server exists with a hardcoded vobot account that has root access. | ||||
| CVE-2018-6824 | 1 Cozy | 1 Cozy | 2024-11-21 | N/A |
| Cozy version 2 has XSS allowing remote attackers to obtain administrative access via JavaScript code in the url parameter to the /api/proxy URI, as demonstrated by an XMLHttpRequest call with an 'email:"attacker@example.com"' request, which can be followed by a password reset. | ||||
| CVE-2018-6811 | 1 Citrix | 2 Netscaler Application Delivery Controller Firmware, Netscaler Gateway Firmware | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web script or HTML via the Citrix NetScaler interface. | ||||