Search Results (Refine Search)
- Keyword (text search): xss
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-14869 |
PHP Template Store Script 3.0.6 allows XSS via the Address line 1, Address Line 2, Bank name, or A/C Holder name field in a profile. Published: August 06, 2018; 5:29:00 PM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2018-14977 |
An issue was discovered in QCMS 3.0.1. upload/System/Controller/guest.php has XSS, as demonstrated by the name parameter, a different vulnerability than CVE-2018-8070. Published: August 06, 2018; 11:29:01 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-14976 |
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/category.php has XSS. Published: August 06, 2018; 11:29:01 AM -0400 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2018-14975 |
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/album.php has XSS. Published: August 06, 2018; 11:29:01 AM -0400 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2018-14974 |
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/news.php has XSS. Published: August 06, 2018; 11:29:01 AM -0400 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2018-14973 |
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/product.php has XSS. Published: August 06, 2018; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2018-14972 |
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/down.php has XSS. Published: August 06, 2018; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2018-14971 |
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/user.php has XSS. Published: August 06, 2018; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2018-14970 |
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/slideshow.php has XSS. Published: August 06, 2018; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2018-14969 |
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/system.php has XSS. Published: August 06, 2018; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |
CVE-2018-14964 |
An issue was discovered in EMLsoft 5.4.5. XSS exists via the eml/upload/eml/?action=address&do=edit page. Published: August 06, 2018; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2018-14962 |
zzcms 8.3 has stored XSS related to the content variable in user/manage.php and zt/show.php. Published: August 06, 2018; 11:29:00 AM -0400 |
V4.0:(not available) V3.0: 5.4 MEDIUM V2.0: 3.5 LOW |
CVE-2017-12614 |
It was noticed an XSS in certain 404 pages that could be exploited to perform an XSS attack. Chrome will detect this as a reflected XSS attempt and prevent the page from loading. Firefox and other browsers don't, and are vulnerable to this attack. Mitigation: The fix for this is to upgrade to Apache Airflow 1.9.0 or above. Published: August 06, 2018; 9:29:00 AM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-14955 |
The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations (animate to attribute). Published: August 05, 2018; 2:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-14954 |
The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute. Published: August 05, 2018; 2:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-14953 |
The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<math xlink:href=" attack. Published: August 05, 2018; 2:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-14952 |
The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<math><maction xlink:href=" attack. Published: August 05, 2018; 2:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-14951 |
The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<form action='data:text" attack. Published: August 05, 2018; 2:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-14950 |
The mail message display page in SquirrelMail through 1.4.22 has XSS via a "<svg><a xlink:href=" attack. Published: August 05, 2018; 2:29:00 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-14937 |
The Add page option in my little forum 2.4.12 allows XSS via the Menu Link field. Published: August 04, 2018; 9:29:00 PM -0400 |
V4.0:(not available) V3.0: 4.8 MEDIUM V2.0: 3.5 LOW |