CWE:
 

| Risk | Topic | Date | Author |
|---|---|---|---|
| Low | WordPress Download Manager 2.9.93 Cross Site Scripting | 18.04.2019 | ThuraMoeMyint |
| Low | Zyxel ZyWall Cross Site Scripting | 17.04.2019 | Aaron Bishop |
| Low | Seo Panel Newsletter 1.2.0 Cross Site Scripting | 17.04.2019 | Deyaa Muhammad |
| Med. | Nagios XI 5.5.10 XSS / Remote Code Execution | 15.04.2019 | Abdel Adim Oisfi |
| Med. | DirectAdmin 1.561 Cross Site Scripting | 14.04.2019 | Numan OZDEMIR |
| Low | D-Link DI-524 2.06RU Cross Site Scripting | 11.04.2019 | Semen Alexandrovich Ly... |
| Med. | ShoreTel Connect ONSITE Cross Site Scripting / Session Fixation | 09.04.2019 | Ramikan |
| Low | CentOS Web Panel 0.9.8.789 Cross Site Scripting | 31.03.2019 | DKM |
| Low | Apache CouchDB 2.3.1 Cross Site Request Forgery / Cross Site Scripting | 25.03.2019 | Ozer Goker |
| Low | MyBB Upcoming Events 1.32 Cross Site Scripting | 20.03.2019 | 0xB9 |
| Low | Gila CMS 1.9.1 Cross Site Scripting | 20.03.2019 | Ahmet Umit Bayram |
| Low | Vembu Storegrid Web Interface 4.4.0 Cross Site Scripting / Information Disclosure | 16.03.2019 | Gionathan Reale |
| Low | ntopng 3.8.190307 Community Edition Cross Site Scripting | 14.03.2019 | Ozer Goker |
| Low | pfSense 2.4.4-p1 (HAProxy Package 0.59_14) Cross Site Scripting | 14.03.2019 | Gionathan Reale |
| Low | OrientDB 3.0.17 GA Community Edition XSS / CSRF | 08.03.2019 | Ozer Goker |
| Low | ClearOS 7 Community Edition Cross Site Scripting | 07.03.2019 | Ozer Goker |
| Med. | Bold CMS 3.6.4 Cross Site Scripting | 05.03.2019 | Ismail Tasdelen |
| Low | SAP J2EE Engine/7.01/Fiori test2 Cross Site Scripting | 05.03.2019 | Ece Orsel |
| Low | SAP J2EE Engine/7.01/Portal/EPP Protocol Cross Site Scripting | 05.03.2019 | Ece Orsel |
| Low | Ability Mail Server 4.2.6 Cross Site Scripting | 05.03.2019 | Aloyce J. Makalanga |
| Low | Fiberhome AN5506-04-F RP2669 Cross Site Scripting | 05.03.2019 | Tauco |
| Low | Craft CMS 3.1.12 Pro Cross Site Scripting | 05.03.2019 | Ismail Tasdelen |
| Low | Mailtraq WebMail 2.17.7.3550 Cross Site Scripting | 05.03.2019 | Aloyce J. Makalanga |
| Med. | DomainMOD 4.11.01 Custom SSL Fields Cross Site Scripting | 03.03.2019 | Mohammed Abdul Raheem |
| Low | PRTG Network Monitor 7.1.3.3378 Cross Site Scripting | 03.03.2019 | Rafael Pedrero |
| Low | Zentyal Server Development Edition 6.0 Cross Site Scripting | 28.02.2019 | Ozer Goker |
| Low | DomainMOD 4.11.01 Owner Name Cross Site Scripting | 28.02.2019 | Mohammed Abdul Raheem |
| Low | vBulletin 4.2.0 ChangUonDyU Chatbox Plugins 3.6.0 Cross Site Scripting | 26.02.2019 | KingSkrupellos |
| Low | MyBB 1.6.x ChangUonDyU Chatbox Plugins 3.6.0 Cross Site Scripting | 26.02.2019 | KingSkrupellos |
| Low | Tautulli 2.1.26 Cross Site Scripting | 23.02.2019 | Geeknik Labs |
| Low | Medical Store Script 3.0.3 Cross Site Scripting | 22.02.2019 | Mr Winst0n |
| Low | VertrigoServ 2.17 Cross Site Scripting | 22.02.2019 | Rafael Pedrero |
| Low | HotelDruid 2.3 Cross Site Scripting | 21.02.2019 | Mehmet Emiroglu |
| Low | Tech News 4.3.4 Cross Site Scripting | 21.02.2019 | Mr Winst0n |
| Med. | XAMPP 5.6.8 Cross Site Scripting / SQL Injection | 20.02.2019 | Rafael Pedrero |
| Low | ArangoDB Community Edition 3.4.2-1 Cross Site Scripting | 19.02.2019 | Ozer Goker |
| Low | Apache CouchDB 2.3.0 Cross Site Scripting | 19.02.2019 | Ozer Goker |
| Low | qdPM 9.1 Cross Site Scripting | 19.02.2019 | Mehmet Emiroglu |
| Low | Comodo Dome Firewall 2.7.0 Cross Site Scripting | 19.02.2019 | Ozer Goker |
| Low | X-Cart shopping cart software V5 (Cross site scripting) | 18.02.2019 | Ramkumar Ganesan |
| Low | MyBB Trash Bin 1.1.3 Cross Site Request Forgery / Cross Site Scripting | 18.02.2019 | 0xB9 |
| Low | JobFinder Cross Site Scripting | 17.02.2019 | Deyaa Muhammad |
| Low | WeHelp 1.6 Cross Site Scripting | 17.02.2019 | Deyaa Muhammad |
| Low | ZuzMusic 2.1 Cross Site Scripting | 17.02.2019 | Deyaa Muhammad |
| Low | Jiofi 4 (JMR 1140) Cross Site Scripting | 14.02.2019 | Ronnie T Baby |
| Low | Rukovoditel Project Management CRM 2.4.1 Cross Site Scripting | 14.02.2019 | Mehmet Emiroglu |
| Low | MyBB Bans List 1.0 Cross Site Scripting | 13.02.2019 | 0xB9 |
| Low | Webiness Inventory 2.3 - 'request' XSS Vulnerability | 11.02.2019 | Mehmet EMIROGLU |
| Low | SAMSUNG X7400GX Sync Thru Web Cross Site Scripting | 11.02.2019 | Rafael Pedrero |
| Low | Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 XSS | 11.02.2019 | Rafael Pedrero |
| Low | Ericsson Active Library Explorer (ALEX) 14.3 Cross Site Scripting | 11.02.2019 | Rafael Pedrero |
| Med. | Smoothwall Express 3.1-SP4-polar-x86_64-update9 Cross Site Scripting | 07.02.2019 | Ozer Goker |
| Low | WordPress KingComposer 2.7.6 Cross Site Scripting | 06.02.2019 | Tim Coen |
| Med. | WordPress Contact Form Email 1.2.65 CSRF / Cross Site Scripting | 06.02.2019 | Tim Coen |
| Low | WordPress YOP Poll 6.0.2 Cross Site Scripting | 05.02.2019 | Tim Coen |
| Low | WordPress Font Organizer 2.1.1 Cross Site Scripting | 05.02.2019 | Tim Coen |
| Low | WordPress Blog2Social 5.0.2 Cross Site Scripting | 05.02.2019 | Tim Coen |
| Low | WordPress Quiz And Survey Master 6.0.4 Cross Site Scripting | 05.02.2019 | Tim Coen |
| Med. | WordPress Forminator 1.5.4 Cross Site Scripting / SQL Injection | 05.02.2019 | Tim Coen |
| Low | Megaxus Reflectied XSS | 03.02.2019 | abay |
| Low | Zimbra Collaboration Cross Site Scripting | 02.02.2019 | Issam Rabhi |
| Low | SolarWinds Serv-U FTP 15.1.6.25 Cross Site Scripting | 02.02.2019 | Chris Moberly |
| Low | MyBB IP History Logs 1.0.2 Cross Site Scripting | 30.01.2019 | 0xB9 |
| Low | Collabtive 3.1 Cross Site Scripting | 30.01.2019 | Zekvan Arslan |
| Med. | Cisco Firepower Management Center 6.2.2.2 / 6.2.3 XSS | 30.01.2019 | Bhushan B. Patil |
| Low | Nessus 8.2.1 Cross Site Scripting | 29.01.2019 | Ozer Goker |
| Low | Rundeck Community Edition Cross Site Scripting | 29.01.2019 | Ishaq Mohammed |
| Low | OPNsense 18.7 Cross Site Scripting | 29.01.2019 | Ozer Goker |
| Low | pfSense 2.4.4-p1 Cross Site Scripting | 29.01.2019 | Ozer Goker |
| Low | Abantecart 1.2.12 Cross Site Scripting | 25.01.2019 | Omer Citak |
| Low | Podcast Generator 2.7 Cross Site Scripting | 25.01.2019 | Zekvan Arslan |
| Low | Endian Firewall Community release 3.3.0 Cross Site Scripting | 25.01.2019 | Ozer Goker |
| Low | SirsiDynix e-Library 3.5.x Cross Site Scripting | 25.01.2019 | Ozkan Mustafa Akkus |
| Low | DNN 9.1 XML Related Cross Site Scripting | 24.01.2019 | Mustafa Yalcin |
| Low | Comodo KORUGAN VM 1.9.3.1100 Cross Site Scripting | 22.01.2019 | Ozer Goker |
| Low | SIDU 6.0 Cross Site Scripting | 22.01.2019 | Ozer Goker |
| Low | Oracle Reports Developer 12.2.1.3 Cross Site Scripting | 18.01.2019 | Mohamed M.Fouad |
| Low | Webmin 1.890 Cross Site Scripting | 15.01.2019 | Foo Jong Meng |
| Low | HMS Netbiter WS100 3.30.5 Cross Site Scripting | 14.01.2019 | Micha Borrmann |
| Low | PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 Reflected XSS | 13.01.2019 | Sukanta Beniya |
| Low | Ampache 3.8.6 Cross Site Scripting | 10.01.2019 | Zekvan Arslan |
| Low | ZTE MF65 BD_HDV6MF65V1.0.0B05 Cross Site Scripting | 10.01.2019 | Nathu Nandwani |
| Low | MDwiki Cross Site Scripting | 10.01.2019 | Evi1m0 |
| Low | ZenPhoto 1.4.14 Cross Site Scripting | 09.01.2019 | Zekvan Arslan |
| Low | Mantis 2.11.1 Cross Site Scripting | 09.01.2019 | Omer Citak |
| Low | Educational Websites Developper - Chris Deotte - Cross Site Scripting (XSS) | 09.01.2019 | Salvatrucha |
| Low | TWiki 6.0.2 Cross Site Scripting | 08.01.2019 | Jiawang Zhang |
| Low | phpMoAdmin 1.1.5 Cross Site Request Forgery / Cross Site Scripting | 08.01.2019 | Ozer Goker |
| Low | Base Soundtouch 18.1.4 Cross Site Scripting | 08.01.2019 | Tim Schughart |
| Low | MyBB OUGC Awards 1.8.3 Cross Site Scripting | 08.01.2019 | 0xB9 |
| Low | Website Design by Haas IT Solutions XSS Vulnerability | 08.01.2019 | indoushka |
| Low | Zurmo 2.3.4 Cross Site Scripting | 03.01.2019 | Zekvan Arslan |
| Low | PLC Wireless Router GPN2.4P21-C-CN Cross Site Scripting | 30.12.2018 | Kumar Saurav |
| Low | Craft CMS 3.0.25 Cross Site Scripting | 28.12.2018 | Raif Berkay Dincel |
| Low | WSTMart 2.0.8 Cross Site Scripting | 25.12.2018 | linfeng |
| Low | Bolt CMS Cross Site Scripting | 21.12.2018 | Raif Berkay Dincel |
| Low | Integria IMS 5.0.83 Cross Site Scripting | 20.12.2018 | Javier Olmedo |
| Low | Responsive FileManager 9.13.4 XSS / File Manipulation / Traversal | 15.12.2018 | farisv |
| Low | Google Chrome 70.0.3538.77 Cross Site Scripting / Man-In-The-Middle | 11.12.2018 | Jann Horn |
| Low | Adiscon LogAnalyzer 4.1.6 Cross Site Scripting | 08.12.2018 | Gustavo Sorondo |


CVEMAP Search Results

| Date | Risk | CVE | Details | Description |
|---|---|---|---|---|
| 2019-04-22 | Low | CVE-2019-11426 | Vendor: Idreamsoft; Software: ICMS | An XSS issue was discovered in app/admincp/template/admincp.header.php in idreamsoft iCMS 7.0.14 via the admincp.php?app=config tab parameter. |
| | Low | CVE-2019-11427 | Vendor: Idreamsoft; Software: ICMS | An XSS issue was discovered in app/search/search.app.php in idreamsoft iCMS 7.0.14 via the public/api.php?app=search q parameter. |
| | Low | CVE-2019-11428 | Vendor: I-librarian; Software: I, librarian | I, Librarian 4.10 has XSS via the export.php export_files parameter. |
| 2019-04-19 | Low | CVE-2019-9841 | Vendor: Vestacp; Software: Control panel | Vesta Control Panel 0.9.8-23 allows XSS via a crafted URL. |
| | Low | CVE-2019-11358 | Vendor: Drupal; Software: Drupal | jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles `jQuery.extend(true, {}, ...)` because of Object.prototype pollution. If an unsanitized source object contained an enumerable `__proto__` property, it could extend the native Object.prototype. |
| | Low | CVE-2019-11359 | Vendor: I-librarian; Software: I, librarian | Cross-site scripting (XSS) vulnerability in display.php in I, Librarian 4.10 allows remote attackers to inject arbitrary web script or HTML via the project parameter. |
| 2019-04-18 | Low | CVE-2018-17288 | Vendor: Kofax; Software: Front office... | Kofax Front Office Server version 4.1.1.11.0.5212 (both Thin Client and Administration Console) suffers from multiple authenticated stored XSS vulnerabilities via the (1) "Filename" field in /Kofax/KFS/ThinClient/document/upload/ - (Thin Client) or (2) "DeviceName" field in /Kofax/KFS/Admin/DeviceService/device/ - (Administration Console). |
| | Low | CVE-2019-11017 | Vendor: Dlink; Software: Di-524 firmware | On D-Link DI-524 V2.06RU devices, multiple Stored and Reflected XSS vulnerabilities were found in the Web Configuration: /spap.htm, /smap.htm, and /cgi-bin/smap, as demonstrated by the cgi-bin/smap RC parameter. |
| | Low | CVE-2019-11084 | Vendor: Gbraad; Software: Gauth | GAuth 0.9.9 beta has stored XSS that shows a popup repeatedly and discloses cookies. |
| | High | CVE-2019-9160 | Vendor: Xinruidz; Software: Sundray wan ... | WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier has a backdoor account allowing a remote attacker to login to the system via SSH (on TCP port 22345) and escalate to root (because the password for root is the WebUI admin password concatenated with a static string). |

 

 


Copyright 2019, cxsecurity.com

 
