Search Results (82949 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-20645 1 Basic B2b Script Project 1 Basic B2b Script 2024-11-21 N/A
PHP Scripts Mall Basic B2B Script 2.0.9 has HTML injection via the First Name or Last Name field.
CVE-2018-20640 1 Entrepreneur Job Portal Script Project 1 Entrepreneur Job Portal Script 2024-11-21 N/A
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting (XSS) via the Full Name field.
CVE-2018-20639 1 Entrepreneur Job Portal Script Project 1 Entrepreneur Job Portal Script 2024-11-21 N/A
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has HTML injection via the Search Bar.
CVE-2018-20636 1 Chartered Accountant \ 1 Auditor Website Project 2024-11-21 N/A
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field.
CVE-2018-20632 1 Advance B2b Script Project 1 Advance B2b Script 2024-11-21 N/A
PHP Scripts Mall Advance B2B Script 2.1.4 has stored Cross-Site Scripting (XSS) via the FIRST NAME or LAST NAME field.
CVE-2018-20627 1 Consumer Reviews Script Project 1 Consumer Reviews Script 2024-11-21 N/A
PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box.
CVE-2018-20621 1 Microvirt 1 Memu 2024-11-21 N/A
An issue was discovered in Microvirt MEmu 6.0.6. The MemuService.exe service binary is vulnerable to local privilege escalation through binary planting due to insecure permissions set at install time. This allows code to be run as NT AUTHORITY/SYSTEM.
CVE-2018-20617 1 Ok-file-formats Project 1 Ok-file-formats 2024-11-21 N/A
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_csv_decode2 function in ok_csv.c.
CVE-2018-20616 1 Ok-file-formats Project 1 Ok-file-formats 2024-11-21 N/A
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_wav_decode_ms_adpcm_data function in ok_wav.c.
CVE-2018-20611 1 Txjia 1 Imcat 2024-11-21 N/A
imcat 4.4 allow XSS via a crafted cookie to the root/tools/adbug/binfo.php?cookie URI.
CVE-2018-20601 1 Ucms Project 1 Ucms 2024-11-21 N/A
UCMS 1.4.7 has XSS via the description parameter in an index.php list_editpost action.
CVE-2018-20600 1 Ucms Project 1 Ucms 2024-11-21 N/A
sadmin\cedit.php in UCMS 1.4.7 has XSS via an index.php sadmin_cedit action.
CVE-2018-20597 1 Ucms Project 1 Ucms 2024-11-21 N/A
UCMS 1.4.7 has XSS via the dir parameter in an index.php sadmin_fileedit action.
CVE-2018-20594 1 Hsweb 1 Hsweb 2024-11-21 N/A
An issue was discovered in hsweb 3.0.4. It is a reflected XSS vulnerability due to the absence of type parameter checking in FlowableModelManagerController.java.
CVE-2018-20593 2 Fedoraproject, Msweet 2 Fedora, Mini-xml 2024-11-21 N/A
In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c.
CVE-2018-20590 1 Generic Content Management System Project 1 Generic Content Management System 2024-11-21 4.8 Medium
Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 has XSS via the Administrator/users.php user ID.
CVE-2018-20589 1 Generic Content Management System Project 1 Generic Content Management System 2024-11-21 N/A
Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 has XSS via the Administrator/add_pictures.php article ID.
CVE-2018-20583 1 Thephpleague 1 Commonmark 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in the PHP League CommonMark library versions 0.15.6 through 0.18.x before 0.18.1 allows remote attackers to insert unsafe URLs into HTML (even if allow_unsafe_links is false) via a newline character (e.g., writing javascript as javascri%0apt).
CVE-2018-20579 1 Contiki-ng Project 1 Contiki-ng 2024-11-21 N/A
Contiki-NG before 4.2 has a stack-based buffer overflow in the push function in os/lib/json/jsonparse.c that allows an out-of-bounds write of an '{' or '[' character.
CVE-2018-20567 1 Douco 1 Douphp 2024-11-21 N/A
An issue was discovered in DouCo DouPHP 1.5 20181221. \install\index.php allows a reload of the product in opportunistic circumstances in which install.lock cannot be read.