ReportizFlow
Filtered by vendor
Subscriptions
Total
42879 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-15848 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | N/A |
| JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XSS), potentially making it possible to send an arbitrary HTTP request to a TeamCity server under the name of the currently logged-in user. | ||||
| CVE-2019-15842 | 1 Easy Pdf Restaurant Menu Upload Project | 1 Easy Pdf Restaurant Menu Upload | 2024-11-21 | N/A |
| The easy-pdf-restaurant-menu-upload plugin before 1.1.2 for WordPress has XSS. | ||||
| CVE-2019-15838 | 1 Kunalnagar | 1 Custom 404 Pro | 2024-11-21 | N/A |
| The custom-404-pro plugin before 3.2.8 for WordPress has reflected XSS, a different vulnerability than CVE-2019-14789. | ||||
| CVE-2019-15837 | 1 Bitwise-it | 1 Webp Express | 2024-11-21 | N/A |
| The webp-express plugin before 0.14.8 for WordPress has stored XSS. | ||||
| CVE-2019-15836 | 1 Bootstrapped | 1 Wp Ultimate Recipe | 2024-11-21 | N/A |
| The wp-ultimate-recipe plugin before 3.12.7 for WordPress has stored XSS. | ||||
| CVE-2019-15833 | 1 Simple Mail Address Encoder Project | 1 Simple Mail Address Encoder | 2024-11-21 | 6.1 Medium |
| The simple-mail-address-encoder plugin before 1.7 for WordPress has reflected XSS. | ||||
| CVE-2019-15830 | 1 Icegram | 1 Icegram Engage | 2024-11-21 | N/A |
| The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS. | ||||
| CVE-2019-15829 | 1 Greentreelabs | 1 Gallery Photoblocks | 2024-11-21 | N/A |
| The photoblocks-grid-gallery plugin before 1.1.33 for WordPress has wp-admin/admin.php?page=photoblocks-edit&id= XSS. | ||||
| CVE-2019-15827 | 1 Onesignal | 1 Onesignal-free-web-push-notifications | 2024-11-21 | N/A |
| The onesignal-free-web-push-notifications plugin before 1.17.8 for WordPress has XSS via the subdomain parameter. | ||||
| CVE-2019-15817 | 1 Realestateconnected | 1 Easy Property Listings | 2024-11-21 | N/A |
| The easy-property-listings plugin before 3.4 for WordPress has XSS. | ||||
| CVE-2019-15816 | 1 Wpexpertdeveloper | 1 Wp Private Content Plus | 2024-11-21 | N/A |
| The wp-private-content-plus plugin before 2.0 for WordPress has no protection against option changes via save_settings_page and other save_ functions. | ||||
| CVE-2019-15814 | 1 Sentrifugo | 1 Sentrifugo | 2024-11-21 | N/A |
| Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow authenticated users to inject arbitrary web script or HTML. | ||||
| CVE-2019-15811 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS. | ||||
| CVE-2019-15810 | 1 Netdisco | 1 Netdisco | 2024-11-21 | 6.1 Medium |
| Insufficient sanitization during device search in Netdisco 2.042010 allows for reflected XSS via manipulation of a URL parameter. | ||||
| CVE-2019-15782 | 1 Webtorrent | 1 Webtorrent | 2024-11-21 | N/A |
| WebTorrent before 0.107.6 allows XSS in the HTTP server via a title or file name. | ||||
| CVE-2019-15778 | 1 Getwooplugins | 1 Additional Variation Images For Woocommerce | 2024-11-21 | N/A |
| The woo-variation-gallery plugin before 1.1.29 for WordPress has XSS. | ||||
| CVE-2019-15777 | 1 Shapepress | 1 Wp Dsgvo Tools | 2024-11-21 | N/A |
| The shapepress-dsgvo plugin before 2.2.19 for WordPress has wp-admin/admin-ajax.php?action=admin-common-settings&admin_email= XSS. | ||||
| CVE-2019-15750 | 1 Sitos | 1 Sitos Six | 2024-11-21 | 6.1 Medium |
| A Cross-Site Scripting (XSS) vulnerability in the blog function in SITOS six Build v6.2.1 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | ||||
| CVE-2019-15739 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.1 Medium |
| An issue was discovered in GitLab Community and Enterprise Edition 8.1 through 12.2.1. Certain areas displaying Markdown were not properly sanitizing some XSS payloads. | ||||
| CVE-2019-15724 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.1 Medium |
| An issue was discovered in GitLab Community and Enterprise Edition 11.10 through 12.2.1. Label descriptions are vulnerable to HTML injection. | ||||