Search Results (Refine Search)
- Results Type: Overview
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-3965 |
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the document_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's session. Published: August 20, 2019; 2:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-3964 |
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the doc_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's session. Published: August 20, 2019; 2:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-3963 |
In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS vulnerability in the patient_id parameter. This could allow an attacker to execute arbitrary code in the context of a user's session. Published: August 20, 2019; 2:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2019-11209 |
The realm configuration component of TIBCO Software Inc.'s TIBCO FTL Community Edition, TIBCO FTL Developer Edition, TIBCO FTL Enterprise Edition contains a vulnerability that theoretically fails to properly enforce access controls. This issue affects TIBCO FTL Community Edition 6.0.0; 6.0.1; 6.1.0, TIBCO FTL Developer Edition 6.0.1; 6.1.0, and TIBCO FTL Enterprise Edition 6.0.0; 6.0.1; 6.1.0. Published: August 20, 2019; 2:15:11 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.5 MEDIUM |
CVE-2018-18056 |
An issue was discovered in the Texas Instruments (TI) TM4C, MSP432E and MSP432P microcontroller series. The eXecute-Only-Memory (XOM) implementation prevents code read-outs on protected memory by generating bus faults. However, single-stepping and using breakpoints is allowed in XOM-protected flash memory. As a consequence, it is possible to execute single instructions with arbitrary system states (e.g., registers, status flags, and SRAM content) and observe the state changes produced by the unknown instruction. An attacker could exploit this vulnerability by executing protected and unknown instructions with specific system states and observing the state changes. Based on the gathered information, it is possible to reverse-engineer the executed instructions. The processor acts as a kind of "instruction oracle." Published: August 20, 2019; 1:15:11 PM -0400 |
V4.0:(not available) V3.0: 4.6 MEDIUM V2.0: 2.1 LOW |
CVE-2018-20978 |
The wp-all-import plugin before 3.4.7 for WordPress has XSS. Published: August 20, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18566 |
The user-role plugin before 1.5.6 for WordPress has multiple XSS issues. Published: August 20, 2019; 12:15:13 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18533 |
The rimons-twitter-widget plugin before 1.3 for WordPress has XSS. Published: August 20, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18532 |
The realty plugin before 1.1.0 for WordPress has multiple XSS issues. Published: August 20, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18531 |
The raygun4wp plugin before 1.8.3 for WordPress has XSS in the settings, a different issue than CVE-2017-9288. Published: August 20, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18530 |
The rating-bws plugin before 0.2 for WordPress has multiple XSS issues. Published: August 20, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18529 |
The promobar plugin before 1.1.1 for WordPress has multiple XSS issues. Published: August 20, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18528 |
The pdf-print plugin before 1.9.4 for WordPress has multiple XSS issues. Published: August 20, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18527 |
The pagination plugin before 1.0.7 for WordPress has multiple XSS issues. Published: August 20, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18526 |
The moreads-se plugin before 1.4.7 for WordPress has XSS. Published: August 20, 2019; 12:15:12 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18524 |
The football-pool plugin before 2.6.5 for WordPress has multiple XSS issues. Published: August 20, 2019; 12:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18523 |
The eelv-newsletter plugin before 4.6.1 for WordPress has CSRF in the address book. Published: August 20, 2019; 12:15:11 PM -0400 |
V4.0:(not available) V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2017-18522 |
The eelv-newsletter plugin before 4.6.1 for WordPress has XSS in the address book. Published: August 20, 2019; 12:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18519 |
The customer-area plugin before 7.4.3 for WordPress has XSS via admin pages. Published: August 20, 2019; 12:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2017-18518 |
The bws-smtp plugin before 1.1.0 for WordPress has multiple XSS issues. Published: August 20, 2019; 12:15:11 PM -0400 |
V4.0:(not available) V3.0: 6.1 MEDIUM V2.0: 4.3 MEDIUM |