Total
36870 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-17591 | 1 Airties | 2 Air 5343v2, Air 5343v2 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | |||||
| CVE-2018-17590 | 1 Airties | 2 Air 5442, Air 5442 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | |||||
| CVE-2018-17589 | 1 Airties | 2 Air 5650, Air 5650 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | |||||
| CVE-2018-17588 | 1 Airties | 2 Air 5021, Air 5021 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| AirTies Air 5021 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | |||||
| CVE-2018-17587 | 1 Airties | 2 Air 5750, Air 5750 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| AirTies Air 5750 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter. | |||||
| CVE-2018-17586 | 1 Wpfastestcache | 1 Wp Fastest Cache | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a wpfc_save_timeout_pages action. | |||||
| CVE-2018-17585 | 1 Wpfastestcache | 1 Wp Fastest Cache | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the wpfastestcacheoptions wpFastestCachePreload_number or wpFastestCacheLanguage parameter. | |||||
| CVE-2018-17583 | 1 Wpfastestcache | 1 Wp Fastest Cache | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a wpfc_save_exclude_pages action. | |||||
| CVE-2018-17574 | 1 Ymfe | 1 Yapi | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in YMFE YApi 1.3.23. There is stored XSS in the name field of a project. | |||||
| CVE-2018-17572 | 1 Influxdata | 1 Influxdb | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| InfluxDB 0.9.5 has Reflected XSS in the Write Data module. | |||||
| CVE-2018-17571 | 1 Vanillaforums | 1 Vanilla | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Vanilla before 2.6.1 allows XSS via the email field of a profile. | |||||
| CVE-2018-17560 | 1 Teamwire | 1 Teamwire | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The admin interface of the Grouptime Teamwire Client 1.5.1 prior to 1.9.0 on-premises messenger server allows stored XSS. All backend versions prior to prod-2018-11-13-15-00-42 are affected. | |||||
| CVE-2018-17556 | 1 Modx | 1 Modx Revolution | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action. | |||||
| CVE-2018-17533 | 1 Teltonika | 6 Rut900, Rut900 Firmware, Rut950 and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Teltonika RUT9XX routers with firmware before 00.05.01.1 are prone to cross-site scripting vulnerabilities in hotspotlogin.cgi due to insufficient user input sanitization. | |||||
| CVE-2018-17443 | 1 Dlink | 1 Central Wifimanager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'sitename' parameter of the UpdateSite endpoint is vulnerable to stored XSS. | |||||
| CVE-2018-17441 | 1 Dlink | 1 Central Wifimanager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'username' parameter of the addUser endpoint is vulnerable to stored XSS. | |||||
| CVE-2018-17423 | 1 E107 | 1 E107 | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in e107 v2.1.9. There is a XSS attack on e107_admin/comment.php. | |||||
| CVE-2018-17421 | 1 Zrlog | 1 Zrlog | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in ZrLog 2.0.3. There is stored XSS in the file upload area via a crafted attached/file/ pathname. | |||||
| CVE-2018-17413 | 1 Zzcms | 1 Zzcms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in zzcms v8.3 via the /uploadimg_form.php noshuiyin parameter. | |||||
| CVE-2018-17369 | 1 Springboot Authority Project | 1 Springboot Authority | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in springboot_authority through 2017-03-06. There is stored XSS via the admin/role/edit roleKey, name, or description parameter. | |||||