CWE:
 

Topic
Date
Author
Low
WordPress Soliloquy Lite 2.5.6 Cross Site Scripting
18.10.2019
Unk9vvN
Low
WordPress FooGallery 1.8.12 Cross Site Scripting
18.10.2019
Unk9vvN
Low
WordPress Popup Builder 3.49 Cross Site Scripting
18.10.2019
Unk9vvN
Low
WordPress Broken Link Checker 1.11.8 Cross Site Scripting
17.10.2019
Ismail Doe
Low
Accounts Accounting 7.02 Cross Site Scripting
17.10.2019
Debashis Pal
High
ASUS RT-N10+ 2.0.3.4 CSRF / XSS / Command Execution
15.10.2019
Matheus Vrech
Low
HongCMS 3.0.0 multiple XSS
15.10.2019
Ali Abdollahi
Low
OpenProject 10.0.1 / 9.0.3 Cross Site Scripting
15.10.2019
David Haintz
Low
Openfire 4.4.1 Cross Site Scripting
13.10.2019
Daniel Bishtawi
Low
Intelbras Router WRN150 1.0.18 Cross Site Scripting
13.10.2019
Prof. Joas Antonio
Low
FFTC Agricultural Policy Articles XSS
09.10.2019
Ali Abdollahi
Low
Subrion 4.2.1 Cross Site Scripting
07.10.2019
Min Ko Ko
Low
DotNetNuke Cross Site Scripting
02.10.2019
MaYaSeVeN
Low
V-SOL GPON/EPON OLT Platform 2.03 Cross Site Scripting
30.09.2019
LiquidWorm
Low
Zoner - Real Estate WordPress Theme v4.1.1 Persistent XSS & IDOR
27.09.2019
m0ze
Med.
all-in-one-seo-pack 3.2.7 Cross Site Scripting
27.09.2019
Unk9vvN
Low
Duplicate-Post 3.2.3 Cross Site Scripting
27.09.2019
Unk9vvN
Low
Smart Forum - Forum PHP Script Persistent XSS
27.09.2019
m0ze
Low
WP Server Log Viewer 1.0 Cross Site Scripting
26.09.2019
strider
Low
GOautodial 4.0 Cross Site Scripting
20.09.2019
Cakes
Low
Oracle Mojarra JSF / Eclipse Mojarra JSF 2.2 / 2.3 Cross Site Scripting
19.09.2019
Jean-Benjamin Rousseau
Low
InJob | Multi-purpose for recruitment WordPress Theme v3.3.6 Reflected & Persistent XSS
16.09.2019
SubversA
Med.
Zoner | Real Estate Joomla Theme Persistent XSS
16.09.2019
SubversA
Low
LimeSurvey 3.17.13 Cross Site Scripting
15.09.2019
Andreas Kolbeck
Low
Dolibarr ERP-CRM 10.0.1 Cross Site Scripting
15.09.2019
Metin Yunus Kandemir
Low
Piwigo 2.9.5 Cross Site Request Forgery / Cross Site Scripting
15.09.2019
Rodolfo Tavares
Low
OpenEdx Ironwood.1 Cross Site Scripting
11.09.2019
Daniel Bishtawi
Low
WordPress Checklist 1.1.5 Cross Site Scripting
11.09.2019
Ricardo Sanchez
Med.
WordPress Qwiz Online Quizzes And Flashcards 3.36 Cross Site Scripting
10.09.2019
Ricardo Sanchez
Low
WordPress Sell Downloads 1.0.86 Cross Site Scripting
10.09.2019
Mr Winst0n
Med.
WordPress Ellipsis Human Presence Technology 2.0.8 Cross Site Scripting
10.09.2019
Ricardo Sanchez
Low
Reality | Estate Multipurpose WordPress Theme Persistent XSS
09.09.2019
SubversA
Med.
Selio - Real Estate Directory SQL Injection & Persistent XSS
09.09.2019
SubversA
Med.
Nexos - Real Estate WordPress Theme SQL Injection & Persistent XSS
08.09.2019
SubversA
Low
WordPress API Bearer Auth 20181229 Cross Site Scripting
06.09.2019
Ricardo Sanchez
Low
WordPress Ecpay Logistics For WooCommerce 1.2.181030 Cross Site Scripting
06.09.2019
Ricardo Sanchez
Med.
WordPress Portrait-Archiv.com Photostore 5.0.4 Cross Site Scripting
05.09.2019
Ricardo Sanchez
Low
WordPress Spryng Payments WooCommerce 1.6.7 Cross Site Scripting
05.09.2019
Ricardo Sanchez
Low
Opencart 3.x Cross Site Scripting
03.09.2019
Nipun Somani
Low
Sentrifugo 3.2 Cross Site Scripting
02.09.2019
creosote
Low
WebKitGTK+ / WPE WebKit Code Execution / XSS
02.09.2019
WebKitGTK
Low
Ping Identity Agentless Integration Kit Cross Site Scripting
01.09.2019
Thomas Konrad
Low
LSoft ListServ Cross Site Scripting
27.08.2019
MTK
Low
Snapforce CRM 8.3.0 Cross Site Scripting
23.08.2019
Prasad Lingamaiah
Low
Endian Firewall 3.3.0 Cross Site Scripting
23.08.2019
G0dfather
Low
Neo Billing 3.5 Cross Site Scripting
20.08.2019
n1x_
Low
Kimai 2 Cross Site Scripting
20.08.2019
osamaalaa
Low
National Aeronautics and Space Administration Robotics Alliance Project Reflected XSS Cross Site Scripting
20.08.2019
KingSkrupellos
Low
Open-Xchange OX App Suite Content Spoofing / Cross Site Scripting
17.08.2019
Martin Heiland
Low
Open-Xchange OX Guard Cross Site Scripting / Signature Validation
17.08.2019
Hanno Boeck
Low
BSI Advance Hotel Booking System 2.0 Cross Site Scripting
13.08.2019
Angelo Ruwantha
Low
WebKit Universal Cross Site Scripting
13.08.2019
Google Security Resear...
High
WebKit UXSS via XSLT and Nested Document Replacements
13.08.2019
Google
Low
UNA 10.0.0 RC1 Cross Site Scripting
12.08.2019
Greg Priest
Low
osTicket 1.12 Cross Site Scripting
12.08.2019
Aishwarya Iyer
High
osTicket 1.12 File Upload Cross Site Scripting
12.08.2019
Aishwarya Iyer
Low
Open-School 3.0 / Community Edition 2.3 Cross Site Scripting
09.08.2019
Greg Priest
Low
MapProxy 1.11.0 Cross Site Scripting
08.08.2019
Janek Vind aka waraxe
Low
Netrox SC Live Chat Software for websites Reflected XSS Injection
05.08.2019
m0ze
Low
1CRM On-Premise Software 8.5.7 Cross Site Scripting
03.08.2019
Kusol Watchara-Apanuko...
Low
Ultimate Loan Manager 2.0 Cross Site Scripting
02.08.2019
Metin Yunus Kandemir
Med.
D-Link 6600-AP XSS / DoS / Information Disclosure
01.08.2019
Sandstorm Security
Low
GigToDo - Freelance Marketplace Script v1.3 Reflected & Persistent XSS Injections
29.07.2019
m0ze
Low
Zurmo 3.2.6 Persistent Cross Site Scripting
28.07.2019
Daniel Bishtawi
Low
Zurmo 3.2.6 Reflected Cross Site Scripting
27.07.2019
Daniel Bishtawi
Low
Wind Tre S.P.A mobile operator is Vulnerable to Cross Site Scripting Attack
24.07.2019
wind.it
Low
Real Estate 7 - Real Estate WordPress Theme v2.8.9 Persistent XSS Injection
24.07.2019
m0ze
Low
MyT Project Management 1.5.1 User[username] Persistent Cross-Site Scripting
24.07.2019
Metin Yunus Kandemir (...
Low
Coming Soon Page & Maintenance Mode v1.8.0 Unauthenticated Persistent XSS Injection
23.07.2019
m0ze
Low
REDCap Cross Site Scripting
20.07.2019
Dylan Garnaud
Low
WordPress OneSignal 1.17.5 Cross Site Scripting
19.07.2019
LiquidWorm
Low
Oracle Siebel CRM 19.0 Cross Site Scripting
18.07.2019
Sarath Nair
Low
Sitecore 9.0 Rev 171002 Cross Site Scripting
13.07.2019
Owais Mehtab
Med.
Jenkins Dependency Graph View 0.13 Cross Site Scripting
12.07.2019
Ishaq Mohammed
Low
phpFK lite-version Cross Site Scripting
11.07.2019
Daniel Bishtawi
Low
Karenderia CMS 5.3 Cross Site Scripting
09.07.2019
Sisyshell
Low
FaceSentry Access Control System 6.4.8 Reflected Cross Site Scripting
02.07.2019
LiquidWorm
Low
SquirrelMail 1.4.22 Cross Site Scripting
01.07.2019
Moritz Bechler
Med.
Carpool Web App 1.0 Cross Site Scripting / SQL Injection
01.07.2019
Taurus Omar
Low
SeedDMS out.GroupMgr.php Cross Site Scripting
25.06.2019
Nimit Jain
Low
Ajans Otuz9 Cross Site Scripting
19.06.2019
KingSkrupellos
Low
Lacivert Ajans Cross Site Scripting
19.06.2019
KingSkrupellos
Low
Saynet Bilgisayar Cross Site Scripting
19.06.2019
KingSkrupellos
Low
Sahi Pro 8.x Cross Site Scripting
19.06.2019
Goutham Madhwaraj
Low
Liferay Portal 7.1 CE GA4 Cross Site Scripting
13.06.2019
Valerio Brussani
Med.
RedGreenBD IT Solutions XSS Reflected Cross Site Scripting
04.06.2019
KingSkrupellos
Low
pfSense 2.4.4-p3 Cross Site Scripting
30.05.2019
Chi Tran
Low
Kanboard 1.2.7 Cross Site Scripting
30.05.2019
Mithat Gogebakan
Low
Phraseanet DAM Cross Site Scripting
29.05.2019
Krzysztof Szulski
Low
East Technologies XSS Reflected Cross Site Scripting
28.05.2019
KingSkrupellos
Low
SOCA Access Control System 180612 Cross Site Scripting
14.05.2019
LiquidWorm
Med.
Prinect Archive System 2015 Release 2.6 Cross Site Scripting
07.05.2019
Alt3kx
Low
Dragon 5.0 / 5.1 Cross Site Scripting
06.05.2019
Josh Sheppard
Low
Zotonic 0.46 mod_admin Cross Site Scripting
04.05.2019
Ramon Janssen
Low
HumHub 1.3.12 Cross Site Scripting
01.05.2019
Kagan Eglence
Low
Apache Archiva 2.2.3 Cross Site Scripting
01.05.2019
Martin S
Low
Apache Pluto 3.0.0 / 3.0.1 Cross Site Scripting
28.04.2019
Mishra Dhiraj
Low
Sierra Wireless AirLink ES450 ACEManager ping_result.cgi Cross Site Scripting
28.04.2019
Cisco Talos
Low
JioFi 4G M2S 1.0.2 Cross Site Scripting
26.04.2019
Vikas Chaudhary
Med.
osTicket 1.11 Cross Site Scripting / Local File Inclusion
26.04.2019
Ozkan Mustafa Akkus


CVEMAP Search Results

CVE
Details
Description
2019-10-14
Low
CVE-2019-14227

Vendor: Open-xchange
Software: Open-xchange...
 

 
OX App Suite 7.10.1 and 7.10.2 allows XSS.

 
2019-10-13
Low
CVE-2019-17535

Vendor: Gilacms
Software: Gila cms
 

 
Gila CMS through 1.11.4 allows blog-list.php XSS, in both the gila-blog and gila-mag themes, via the search parameter, a related issue to CVE-2019-9647.

 
2019-10-11
Low
CVE-2010-5336

Updating...
 

 
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: admin/login.html with the parameter username is persistent in 10.2.0.

 
Low
CVE-2010-5337

Updating...
 

 
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][controller] is non-persistent in 10.1.3 and 10.2.0.

 
Low
CVE-2010-5338

Updating...
 

 
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][action] is non-persistent in 10.1.3 and 10.2.0.

 
Low
CVE-2010-5339

Updating...
 

 
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/basic/ with the parameter _dlg[captcha][uid] is non-persistent in 10.1.3 and 10.2.0.

 
Low
CVE-2010-5340

Updating...
 

 
IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webmail/ with the parameter password is non-persistent in 10.2.0.

 
Low
CVE-2019-17504

Vendor: Kirona
Software: Dynamic reso...
 

 
An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5. A reflected Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script via the /osm/report/ password parameter.

 
Low
CVE-2019-17176

Updating...
 

 
Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPanel.jsp or HtmlChatFrameSet.jsp (ActionColor, ClientNickNameColor, Email, email, or email_address parameter).

 
2019-10-10
Low
CVE-2019-17070

Vendor: LQD
Software: Liquid speec...
 

 
The liquid-speech-balloon (aka LIQUID SPEECH BALLOON) plugin 1.0.5 for WordPress allows XSS with Internet Explorer.

 

 


Copyright 2019, cxsecurity.com

 

Back to Top