CWE:
 

Topic
Date
Author
Low
Liferay Portal 7.1 CE GA4 Cross Site Scripting
13.06.2019
Valerio Brussani
Med.
RedGreenBD IT Solutions XSS Reflected Cross Site Scripting
04.06.2019
KingSkrupellos
Low
pfSense 2.4.4-p3 Cross Site Scripting
30.05.2019
Chi Tran
Low
Kanboard 1.2.7 Cross Site Scripting
30.05.2019
Mithat Gogebakan
Low
Phraseanet DAM Cross Site Scripting
29.05.2019
Krzysztof Szulski
Low
East Technologies XSS Reflected Cross Site Scripting
28.05.2019
KingSkrupellos
Low
SOCA Access Control System 180612 Cross Site Scripting
14.05.2019
LiquidWorm
Med.
Prinect Archive System 2015 Release 2.6 Cross Site Scripting
07.05.2019
Alt3kx
Low
Dragon 5.0 / 5.1 Cross Site Scripting
06.05.2019
Josh Sheppard
Low
Zotonic 0.46 mod_admin Cross Site Scripting
04.05.2019
Ramon Janssen
Low
HumHub 1.3.12 Cross Site Scripting
01.05.2019
Kagan Eglence
Low
Apache Archiva 2.2.3 Cross Site Scripting
01.05.2019
Martin S
Low
Apache Pluto 3.0.0 / 3.0.1 Cross Site Scripting
28.04.2019
Mishra Dhiraj
Low
Sierra Wireless AirLink ES450 ACEManager ping_result.cgi Cross Site Scripting
28.04.2019
Cisco Talos
Low
JioFi 4G M2S 1.0.2 Cross Site Scripting
26.04.2019
Vikas Chaudhary
Med.
osTicket 1.11 Cross Site Scripting / Local File Inclusion
26.04.2019
Ozkan Mustafa Akkus
Low
WordPress Download Manager 2.9.93 Cross Site Scripting
18.04.2019
ThuraMoeMyint
Low
Zyxel ZyWall Cross Site Scripting
17.04.2019
Aaron Bishop
Low
Seo Panel Newsletter 1.2.0 Cross Site Scripting
17.04.2019
Deyaa Muhammad
Med.
Nagios XI 5.5.10 XSS / Remote Code Execution
15.04.2019
Abdel Adim Oisfi
Med.
DirectAdmin 1.561 Cross Site Scripting
14.04.2019
Numan OZDEMIR
Low
D-Link DI-524 2.06RU Cross Site Scripting
11.04.2019
Semen Alexandrovich Ly...
Med.
ShoreTel Connect ONSITE Cross Site Scripting / Session Fixation
09.04.2019
Ramikan
Low
CentOS Web Panel 0.9.8.789 Cross Site Scripting
31.03.2019
DKM
Low
Apache CouchDB 2.3.1 Cross Site Request Forgery / Cross Site Scripting
25.03.2019
Ozer Goker
Low
MyBB Upcoming Events 1.32 Cross Site Scripting
20.03.2019
0xB9
Low
Gila CMS 1.9.1 Cross Site Scripting
20.03.2019
Ahmet Umit Bayram
Low
Vembu Storegrid Web Interface 4.4.0 Cross Site Scripting / Information Disclosure
16.03.2019
Gionathan Reale
Low
ntopng 3.8.190307 Community Edition Cross Site Scripting
14.03.2019
Ozer Goker
Low
pfSense 2.4.4-p1 (HAProxy Package 0.59_14) Cross Site Scripting
14.03.2019
Gionathan Reale
Low
OrientDB 3.0.17 GA Community Edition XSS / CSRF
08.03.2019
Ozer Goker
Low
ClearOS 7 Community Edition Cross Site Scripting
07.03.2019
Ozer Goker
Med.
Bold CMS 3.6.4 Cross Site Scripting
05.03.2019
Ismail Tasdelen
Low
SAP J2EE Engine/7.01/Fiori test2 Cross Site Scripting
05.03.2019
Ece Orsel
Low
SAP J2EE Engine/7.01/Portal/EPP Protocol Cross Site Scripting
05.03.2019
Ece Orsel
Low
Ability Mail Server 4.2.6 Cross Site Scripting
05.03.2019
Aloyce J. Makalanga
Low
Fiberhome AN5506-04-F RP2669 Cross Site Scripting
05.03.2019
Tauco
Low
Craft CMS 3.1.12 Pro Cross Site Scripting
05.03.2019
Ismail Tasdelen
Low
Mailtraq WebMail 2.17.7.3550 Cross Site Scripting
05.03.2019
Aloyce J. Makalanga
Med.
DomainMOD 4.11.01 Custom SSL Fields Cross Site Scripting
03.03.2019
Mohammed Abdul Raheem
Low
PRTG Network Monitor 7.1.3.3378 Cross Site Scripting
03.03.2019
Rafael Pedrero
Low
Zentyal Server Development Edition 6.0 Cross Site Scripting
28.02.2019
Ozer Goker
Low
DomainMOD 4.11.01 Owner Name Cross Site Scripting
28.02.2019
Mohammed Abdul Raheem
Low
vBulletin 4.2.0 ChangUonDyU Chatbox Plugins 3.6.0 Cross Site Scripting
26.02.2019
KingSkrupellos
Low
MyBB 1.6.x ChangUonDyU Chatbox Plugins 3.6.0 Cross Site Scripting
26.02.2019
KingSkrupellos
Low
Tautulli 2.1.26 Cross Site Scripting
23.02.2019
Geeknik Labs
Low
Medical Store Script 3.0.3 Cross Site Scripting
22.02.2019
Mr Winst0n
Low
VertrigoServ 2.17 Cross Site Scripting
22.02.2019
Rafael Pedrero
Low
HotelDruid 2.3 Cross Site Scripting
21.02.2019
Mehmet Emiroglu
Low
Tech News 4.3.4 Cross Site Scripting
21.02.2019
Mr Winst0n
Med.
XAMPP 5.6.8 Cross Site Scripting / SQL Injection
20.02.2019
Rafael Pedrero
Low
ArangoDB Community Edition 3.4.2-1 Cross Site Scripting
19.02.2019
Ozer Goker
Low
Apache CouchDB 2.3.0 Cross Site Scripting
19.02.2019
Ozer Goker
Low
qdPM 9.1 Cross Site Scripting
19.02.2019
Mehmet Emiroglu
Low
Comodo Dome Firewall 2.7.0 Cross Site Scripting
19.02.2019
Ozer Goker
Low
X-Cart shopping cart software V5 (Cross site scripting)
18.02.2019
Ramkumar Ganesan
Low
MyBB Trash Bin 1.1.3 Cross Site Request Forgery / Cross Site Scripting
18.02.2019
0xB9
Low
JobFinder Cross Site Scripting
17.02.2019
Deyaa Muhammad
Low
WeHelp 1.6 Cross Site Scripting
17.02.2019
Deyaa Muhammad
Low
ZuzMusic 2.1 Cross Site Scripting
17.02.2019
Deyaa Muhammad
Low
Jiofi 4 (JMR 1140) Cross Site Scripting
14.02.2019
Ronnie T Baby
Low
Rukovoditel Project Management CRM 2.4.1 Cross Site Scripting
14.02.2019
Mehmet Emiroglu
Low
MyBB Bans List 1.0 Cross Site Scripting
13.02.2019
0xB9
Low
Webiness Inventory 2.3 - 'request' XSS Vulnerability
11.02.2019
Mehmet EMIROGLU
Low
SAMSUNG X7400GX Sync Thru Web Cross Site Scripting
11.02.2019
Rafael Pedrero
Low
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 XSS
11.02.2019
Rafael Pedrero
Low
Ericsson Active Library Explorer (ALEX) 14.3 Cross Site Scripting
11.02.2019
Rafael Pedrero
Med.
Smoothwall Express 3.1-SP4-polar-x86_64-update9 Cross Site Scripting
07.02.2019
Ozer Goker
Low
WordPress KingComposer 2.7.6 Cross Site Scripting
06.02.2019
Tim Coen
Med.
WordPress Contact Form Email 1.2.65 CSRF / Cross Site Scripting
06.02.2019
Tim Coen
Low
WordPress YOP Poll 6.0.2 Cross Site Scripting
05.02.2019
Tim Coen
Low
WordPress Font Organizer 2.1.1 Cross Site Scripting
05.02.2019
Tim Coen
Low
WordPress Blog2Social 5.0.2 Cross Site Scripting
05.02.2019
Tim Coen
Low
WordPress Quiz And Survey Master 6.0.4 Cross Site Scripting
05.02.2019
Tim Coen
Med.
WordPress Forminator 1.5.4 Cross Site Scripting / SQL Injection
05.02.2019
Tim Coen
Low
Megaxus Reflectied XSS
03.02.2019
abay
Low
Zimbra Collaboration Cross Site Scripting
02.02.2019
Issam Rabhi
Low
SolarWinds Serv-U FTP 15.1.6.25 Cross Site Scripting
02.02.2019
Chris Moberly
Low
MyBB IP History Logs 1.0.2 Cross Site Scripting
30.01.2019
0xB9
Low
Collabtive 3.1 Cross Site Scripting
30.01.2019
Zekvan Arslan
Med.
Cisco Firepower Management Center 6.2.2.2 / 6.2.3 XSS
30.01.2019
Bhushan B. Patil
Low
Nessus 8.2.1 Cross Site Scripting
29.01.2019
Ozer Goker
Low
Rundeck Community Edition Cross Site Scripting
29.01.2019
Ishaq Mohammed
Low
OPNsense 18.7 Cross Site Scripting
29.01.2019
Ozer Goker
Low
pfSense 2.4.4-p1 Cross Site Scripting
29.01.2019
Ozer Goker
Low
Abantecart 1.2.12 Cross Site Scripting
25.01.2019
Omer Citak
Low
Podcast Generator 2.7 Cross Site Scripting
25.01.2019
Zekvan Arslan
Low
Endian Firewall Community release 3.3.0 Cross Site Scripting
25.01.2019
Ozer Goker
Low
SirsiDynix e-Library 3.5.x Cross Site Scripting
25.01.2019
Ozkan Mustafa Akkus
Low
DNN 9.1 XML Related Cross Site Scripting
24.01.2019
Mustafa Yalcin
Low
Comodo KORUGAN VM 1.9.3.1100 Cross Site Scripting
22.01.2019
Ozer Goker
Low
SIDU 6.0 Cross Site Scripting
22.01.2019
Ozer Goker
Low
Oracle Reports Developer 12.2.1.3 Cross Site Scripting
18.01.2019
Mohamed M.Fouad
Low
Webmin 1.890 Cross Site Scripting
15.01.2019
Foo Jong Meng
Low
HMS Netbiter WS100 3.30.5 Cross Site Scripting
14.01.2019
Micha Borrmann
Low
PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 Reflected XSS
13.01.2019
Sukanta Beniya
Low
Ampache 3.8.6 Cross Site Scripting
10.01.2019
Zekvan Arslan
Low
ZTE MF65 BD_HDV6MF65V1.0.0B05 Cross Site Scripting
10.01.2019
Nathu Nandwani
Low
MDwiki Cross Site Scripting
10.01.2019
Evi1m0
Low
ZenPhoto 1.4.14 Cross Site Scripting
09.01.2019
Zekvan Arslan


CVEMAP Search Results

CVE
Details
Description
2019-06-17
Low
CVE-2018-20472

Vendor: Sahipro
Software: Sahi pro
 

 
An issue was discovered in Tyto Sahi Pro through 7.x.x and 8.0.0. The logs web interface is vulnerable to stored XSS.

 
2019-06-15
Low
CVE-2013-7472

Vendor: Count per day project
Software: Count per day
 

 
The "Count per Day" plugin before 3.2.6 for WordPress allows XSS via the wp-admin/?page=cpd_metaboxes daytoshow parameter.

 
2019-06-14
Low
CVE-2019-4403

Vendor: IBM
Software: Connections
 

 
IBM Connections 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162264.

 
2019-06-13
Low
CVE-2019-0130

Updating...
 

 
Reflected XSS in web interface for Intel(R) Accelerated Storage Manager in Intel(R) RSTe before version 5.5.0.2015 may allow an unauthenticated user to potentially enable denial of service via network access.

 
Low
CVE-2019-5286

Updating...
 

 
There is a reflection XSS vulnerability in the HedEx products. Remote attackers send malicious links to users and trick users to click. Successfully exploit cloud allow the attacker to initiate XSS attacks. Affects HedEx Lite versions earlier than V200R006C00SPC007.

 
2019-06-12
Low
CVE-2019-1031

Vendor: Microsoft
Software: Project server
 

 
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-1032, CVE-2019-1033, CVE-2019-1036.

 
Low
CVE-2019-1032

Vendor: Microsoft
Software: Sharepoint e...
 

 
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-1031, CVE-2019-1033, CVE-2019-1036.

 
Low
CVE-2019-1033

Vendor: Microsoft
Software: Project server
 

 
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-1031, CVE-2019-1032, CVE-2019-1036.

 
Low
CVE-2019-1036

Vendor: Microsoft
Software: Project server
 

 
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2019-1031, CVE-2019-1032, CVE-2019-1033.

 
Low
CVE-2019-3872

Vendor: Redhat
Software: Jboss enterp...
 

 
It was found that a SAMLRequest containing a script could be processed by Picketlink versions shipped in Jboss Application Platform 7.2.x and 7.1.x. An attacker could use this to send a malicious script to achieve cross-site scripting and obtain unauthorized information or conduct further attacks.

 

 


Copyright 2019, cxsecurity.com

 

Back to Top