Total
43661 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-8440 | 1 Dilicms | 1 Dilicms | 2024-11-21 | N/A |
| An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulnerability in the third textbox (aka site logo) of "System setting->site setting" of admin/index.php, aka site_logo. | ||||
| CVE-2019-8439 | 1 Dilicms | 1 Dilicms | 2024-11-21 | N/A |
| An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulnerability in the second textbox of "System setting->site setting" of admin/index.php, aka site_domain. | ||||
| CVE-2019-8438 | 1 Dilicms | 1 Dilicms | 2024-11-21 | N/A |
| An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulnerability in the first textbox of "System setting->site setting" of admin/index.php, aka site_name. | ||||
| CVE-2019-8436 | 1 Txjia | 1 Imcat | 2024-11-21 | N/A |
| imcat 4.5 has Stored XSS via the root/run/adm.php fm[instop][note] parameter. | ||||
| CVE-2019-8435 | 1 Phpmywind | 1 Phpmywind | 2024-11-21 | N/A |
| admin/default.php in PHPMyWind v5.5 has XSS via an HTTP Host header. | ||||
| CVE-2019-8434 | 1 Cmseasy | 1 Cmseasy | 2024-11-21 | N/A |
| In CmsEasy 7.0, there is XSS via the ckplayer.php autoplay parameter. | ||||
| CVE-2019-8432 | 1 Cmseasy | 1 Cmseasy | 2024-11-21 | N/A |
| In CmsEasy 7.0, there is XSS via the ckplayer.php url parameter. | ||||
| CVE-2019-8426 | 1 Zoneminder | 1 Zoneminder | 2024-11-21 | N/A |
| skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter. | ||||
| CVE-2019-8425 | 1 Zoneminder | 1 Zoneminder | 2024-11-21 | N/A |
| includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages. | ||||
| CVE-2019-8419 | 1 Vnote Project | 1 Vnote | 2024-11-21 | N/A |
| VNote 2.2 has XSS via a new text note. | ||||
| CVE-2019-8410 | 1 Maccms | 1 Maccms | 2024-11-21 | N/A |
| Maccms 8.0 allows XSS via the inc/config/cache.php t_key parameter because template/paody/html/vod_type.html mishandles the keywords parameter, and a/tpl/module/db.php only filters the t_name parameter (not t_key). | ||||
| CVE-2019-8400 | 1 Ory | 1 Hydra | 2024-11-21 | N/A |
| ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter. | ||||
| CVE-2019-8391 | 1 Qdpm | 1 Qdpm | 2024-11-21 | N/A |
| qdPM 9.1 suffers from Cross-site Scripting (XSS) via configuration?type=[XSS] parameter. | ||||
| CVE-2019-8390 | 1 Qdpm | 1 Qdpm | 2024-11-21 | N/A |
| qdPM 9.1 suffers from Cross-site Scripting (XSS) in the search[keywords] parameter. | ||||
| CVE-2019-8368 | 1 Open-emr | 1 Openemr | 2024-11-21 | 6.1 Medium |
| OpenEMR v5.0.1-6 allows XSS. | ||||
| CVE-2019-8363 | 1 Verydows | 1 Verydows | 2024-11-21 | N/A |
| Verydows 2.0 has XSS via the index.php?c=main a parameter, as demonstrated by an a=index[XSS] value. | ||||
| CVE-2019-8361 | 1 Responsive Video News Script Project | 1 Responsive Video News Script | 2024-11-21 | N/A |
| PHP Scripts Mall Responsive Video News Script has XSS via the Search Bar. This might, for example, be leveraged for HTML injection or URL redirection. | ||||
| CVE-2019-8349 | 1 Htmly | 1 Htmly | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in HTMLy 2.7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) destination parameter to delete feature; the (2) destination parameter to edit feature; (3) content parameter in the profile feature. | ||||
| CVE-2019-8346 | 1 Zohocorp | 1 Manageengine Adselfservice Plus | 2024-11-21 | N/A |
| In Zoho ManageEngine ADSelfService Plus 5.x through 5704, an authorization.do cross-site Scripting (XSS) vulnerability allows for an unauthenticated manipulation of the JavaScript code by injecting the HTTP form parameter adscsrf. An attacker can use this to capture a user's AD self-service password reset and MFA token. | ||||
| CVE-2019-8335 | 1 Schoolcms | 1 Schoolcms | 2024-11-21 | N/A |
| An issue was discovered in SchoolCMS 2.3.1. There is an XSS vulnerability via index.php?a=Index&c=Channel&m=Home&id=[XSS]. | ||||