ReportizFlow
Filtered by vendor
Subscriptions
Total
42853 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20806 | 1 Phamm | 1 Phamm | 2024-11-21 | N/A |
| Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter). | ||||
| CVE-2018-20791 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | N/A |
| tecrail Responsive FileManager 9.13.4 allows XSS via a media file upload with an XSS payload in the name, because of mishandling of the media_preview action. | ||||
| CVE-2018-20778 | 1 Frog Cms Project | 1 Frog Cms | 2024-11-21 | N/A |
| admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a new file containing a crafted attribute of an IMG element. | ||||
| CVE-2018-20777 | 1 Frog Cms Project | 1 Frog Cms | 2024-11-21 | N/A |
| Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit/1 Body field. | ||||
| CVE-2018-20774 | 1 Frog Cms Project | 1 Frog Cms | 2024-11-21 | N/A |
| Frog CMS 0.9.5 has XSS via the admin/?/layout/edit/1 Body field. | ||||
| CVE-2018-20758 | 1 Modx | 1 Modx Revolution | 2024-11-21 | 5.4 Medium |
| MODX Revolution through v2.7.0-pl allows XSS via User Settings such as Description. | ||||
| CVE-2018-20757 | 1 Modx | 1 Modx Revolution | 2024-11-21 | N/A |
| MODX Revolution through v2.7.0-pl allows XSS via an extended user field such as Container name or Attribute name. | ||||
| CVE-2018-20756 | 1 Modx | 1 Modx Revolution | 2024-11-21 | N/A |
| MODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs. | ||||
| CVE-2018-20755 | 1 Modx | 1 Modx Revolution | 2024-11-21 | N/A |
| MODX Revolution through v2.7.0-pl allows XSS via the User Photo field. | ||||
| CVE-2018-20737 | 1 Wso2 | 3 Api Manager, Identity Server, Identity Server As Key Manager | 2024-11-21 | N/A |
| An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. Reflected XSS exists in the carbon part of the product. | ||||
| CVE-2018-20736 | 1 Wso2 | 1 Api Manager | 2024-11-21 | N/A |
| An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. A DOM-based XSS exists in the store part of the product. | ||||
| CVE-2018-20731 | 1 Nedi | 1 Nedi | 2024-11-21 | N/A |
| A stored cross site scripting (XSS) vulnerability in NeDi before 1.7Cp3 allows remote attackers to inject arbitrary web script or HTML via User-Chat.php. | ||||
| CVE-2018-20729 | 1 Nedi | 1 Nedi | 2024-11-21 | N/A |
| A reflected cross site scripting (XSS) vulnerability in NeDi before 1.7Cp3 allows remote attackers to inject arbitrary web script or HTML via the reg parameter in mh.php. | ||||
| CVE-2018-20726 | 1 Cacti | 1 Cacti | 2024-11-21 | N/A |
| A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices. | ||||
| CVE-2018-20725 | 1 Cacti | 1 Cacti | 2024-11-21 | N/A |
| A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label. | ||||
| CVE-2018-20724 | 1 Cacti | 1 Cacti | 2024-11-21 | N/A |
| A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors. | ||||
| CVE-2018-20723 | 1 Cacti | 1 Cacti | 2024-11-21 | N/A |
| A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color. | ||||
| CVE-2018-20703 | 1 Cubecart | 1 Cubecart | 2024-11-21 | N/A |
| CubeCart 6.2.2 has Reflected XSS via a /{ADMIN-FILE}/ query string. | ||||
| CVE-2018-20682 | 1 Fork-cms | 1 Fork Cms | 2024-11-21 | N/A |
| Fork CMS 5.0.6 allows stored XSS via the private/en/settings facebook_admin_ids parameter (aka "Admin ids" input in the Facebook section). | ||||
| CVE-2018-20680 | 1 Frog Cms Project | 1 Frog Cms | 2024-11-21 | N/A |
| Frog CMS 0.9.5 has XSS in the admin/?/page/edit/1 body field. | ||||