Total
21765 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20564 | 1 Douco | 1 Douphp | 2019-01-04 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product_category.php?rec=update has XSS via the cat_name parameter. | |||||
| CVE-2018-20565 | 1 Douco | 1 Douphp | 2019-01-04 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in DouCo DouPHP 1.5 20181221. admin/nav.php?rec=update has XSS via the nav_name parameter. | |||||
| CVE-2018-20558 | 1 Douco | 1 Douphp | 2019-01-04 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in DouCo DouPHP 1.5 20181221. admin/system.php?rec=update has XSS via the site_name parameter. | |||||
| CVE-2018-20557 | 1 Douco | 1 Douphp | 2019-01-04 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in DouCo DouPHP 1.5 20181221. admin/page.php?rec=edit has XSS via the page_name parameter. | |||||
| CVE-2018-20559 | 1 Douco | 1 Douphp | 2019-01-04 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product.php?rec=update has XSS via the name parameter. | |||||
| CVE-2018-20560 | 1 Douco | 1 Douphp | 2019-01-04 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in DouCo DouPHP 1.5 20181221. admin/show.php?rec=update has XSS via the show_name parameter. | |||||
| CVE-2018-20561 | 1 Douco | 1 Douphp | 2019-01-04 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in DouCo DouPHP 1.5 20181221. admin/article.php?rec=update has XSS via the title parameter. | |||||
| CVE-2018-20562 | 1 Douco | 1 Douphp | 2019-01-04 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in DouCo DouPHP 1.5 20181221. admin/article_category.php?rec=update has XSS via the cat_name parameter. | |||||
| CVE-2018-20563 | 1 Douco | 1 Douphp | 2019-01-04 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in DouCo DouPHP 1.5 20181221. admin/mobile.php?rec=system&act=update has XSS via the mobile_name parameter. | |||||
| CVE-2018-20597 | 1 Ucms Project | 1 Ucms | 2019-01-04 | 3.5 LOW | 4.8 MEDIUM |
| UCMS 1.4.7 has XSS via the dir parameter in an index.php sadmin_fileedit action. | |||||
| CVE-2018-20600 | 1 Ucms Project | 1 Ucms | 2019-01-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| sadmin\cedit.php in UCMS 1.4.7 has XSS via an index.php sadmin_cedit action. | |||||
| CVE-2018-20601 | 1 Ucms Project | 1 Ucms | 2019-01-04 | 3.5 LOW | 4.8 MEDIUM |
| UCMS 1.4.7 has XSS via the description parameter in an index.php list_editpost action. | |||||
| CVE-2018-20530 | 1 Website Seller Script Project | 1 Website Seller Script | 2019-01-03 | 3.5 LOW | 5.4 MEDIUM |
| PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile field such as Company Address, a related issue to CVE-2018-15896. | |||||
| CVE-2018-8891 | 1 Blackberry | 1 Unified Endpoint Manager | 2019-01-03 | 3.5 LOW | 4.8 MEDIUM |
| Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator. | |||||
| CVE-2018-8888 | 1 Blackberry | 1 Unified Endpoint Manager | 2019-01-03 | 3.5 LOW | 4.8 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator. | |||||
| CVE-2018-19767 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "PresentSpace.jsp" has reflected XSS via the ConnPoolName and GroupId parameters. | |||||
| CVE-2018-19773 | 1 Infovista | 1 Vistaportal | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentUser.jsp" has reflected XSS via the GroupId and ConnPoolName parameters. | |||||
| CVE-2018-20006 | 1 Phpok | 1 Phpok | 2019-01-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in PHPok v5.0.055. There is a Stored XSS vulnerability via the title parameter to api.php?c=post&f=save (reachable via the index.php?id=book URI). | |||||
| CVE-2018-8651 | 1 Microsoft | 1 Dynamics Nav | 2019-01-03 | 3.5 LOW | 5.4 MEDIUM |
| A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server, aka "Microsoft Dynamics NAV Cross Site Scripting Vulnerability." This affects Microsoft Dynamics NAV. | |||||
| CVE-2018-8652 | 1 Microsoft | 1 Windows Azure Pack Rollup | 2019-01-03 | 3.5 LOW | 5.4 MEDIUM |
| A Cross-site Scripting (XSS) vulnerability exists when Windows Azure Pack does not properly sanitize user-provided input, aka "Windows Azure Pack Cross Site Scripting Vulnerability." This affects Windows Azure Pack Rollup 13.1. | |||||