Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-16704 | 1 Phpmywind | 1 Phpmywind | 2019-09-23 | 3.5 LOW | 4.8 MEDIUM |
| admin/infoclass_update.php in PHPMyWind 5.6 has stored XSS. | |||||
| CVE-2015-9403 | 1 Neuvoo | 1 Neuvoo-jobroll | 2019-09-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_location XSS. | |||||
| CVE-2019-16657 | 1 Tuzicms | 1 Tuzicms | 2019-09-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| TuziCMS 2.0.6 has XSS via the PATH_INFO to a group URI, as demonstrated by index.php/article/group/id/2/. | |||||
| CVE-2019-16661 | 1 Digimute | 1 Ogma Cms | 2019-09-23 | 3.5 LOW | 5.4 MEDIUM |
| Ogma CMS 0.5 has XSS via creation of a new blog. | |||||
| CVE-2019-14915 | 1 Prise | 1 Adas | 2019-09-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in PRiSE adAS 1.7.0. Certificate data are not properly escaped. This leads to XSS when submitting a rogue certificate. | |||||
| CVE-2019-14913 | 1 Prise | 1 Adas | 2019-09-23 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in PRiSE adAS 1.7.0. Log data are not properly escaped, leading to persistent XSS in the administration panel. | |||||
| CVE-2018-16379 | 1 Digimute | 1 Ogma Cms | 2019-09-23 | 3.5 LOW | 4.8 MEDIUM |
| Ogma CMS 0.4 Beta has XSS via the "Footer Text footer" field on the "Theme/Theme Options" screen. | |||||
| CVE-2019-14911 | 1 Prise | 1 Adas | 2019-09-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does not properly escape output on error, leading to reflected XSS. | |||||
| CVE-2019-16664 | 1 Thinksaas | 1 Thinksaas | 2019-09-23 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in ThinkSAAS 2.91. There is XSS via the index.php?app=group&ac=create&ts=do groupname parameter. | |||||
| CVE-2019-16665 | 1 Thinksaas | 1 Thinksaas | 2019-09-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in ThinkSAAS 2.91. There is XSS via the content to the index.php?app=group&ac=comment&ts=do&js=1 URI, as demonstrated by a crafted SVG document in the SRC attribute of an EMBED element. | |||||
| CVE-2018-11200 | 1 Acquia | 1 Mautic | 2019-09-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Mautic 2.13.1. It has Stored XSS via the company name field. | |||||
| CVE-2015-9405 | 1 Wp-piwik Project | 1 Wp-piwik | 2019-09-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-piwik plugin before 1.0.5 for WordPress has XSS. | |||||
| CVE-2015-9404 | 1 Neuvoo | 1 Neuvoo-jobroll | 2019-09-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| The neuvoo-jobroll plugin 2.0 for WordPress has neuvoo_keywords XSS. | |||||
| CVE-2015-9385 | 1 Bestwebsoft | 1 Quotes And Tips | 2019-09-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| The quotes-and-tips plugin before 1.20 for WordPress has XSS. | |||||
| CVE-2019-16643 | 1 Zrlog | 1 Zrlog | 2019-09-20 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in ZrLog 2.1.1. There is a Stored XSS vulnerability in the article_edit area. | |||||
| CVE-2015-9397 | 1 Webmaster-source | 1 Gocodes | 2019-09-20 | 3.5 LOW | 5.4 MEDIUM |
| The gocodes plugin through 1.3.5 for WordPress has wp-admin/tools.php deletegc XSS. | |||||
| CVE-2015-9401 | 1 Websimon-tables Project | 1 Websimon-tables | 2019-09-20 | 3.5 LOW | 4.8 MEDIUM |
| The websimon-tables plugin through 1.3.4 for WordPress has wp-admin/tools.php edit_style id XSS. | |||||
| CVE-2015-9391 | 1 Ostenta | 1 Yawpp | 2019-09-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| The yawpp plugin through 1.2.2 for WordPress has XSS via the field1 parameter. | |||||
| CVE-2015-9386 | 1 Mtouch Quiz Project | 1 Mtouch Quiz | 2019-09-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| The mtouch-quiz plugin before 3.1.3 for WordPress has XSS via the quiz parameter during a Quiz Manage operation. | |||||
| CVE-2015-9396 | 1 Attosoft | 1 Auto Thickbox Plus | 2019-09-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| The auto-thickbox-plus plugin through 1.9 for WordPress has wp-content/plugins/auto-thickbox-plus/download.min.php?file= XSS. | |||||