Latest CVE Feed
-
5.4
MEDIUMCVE-2019-12190
XSS was discovered in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.747 via the testacc/fileManager2.php fm_current_dir or filename parameter.... Read more
Affected Products : webpanel- EPSS Score: %0.21
- Published: May. 21, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2018-7827
A Cross-Site Scripting (XSS) vulnerability exists in the 1st Gen. Pelco Sarix Enhanced Camera and Spectra Enhanced PTZ Camera which a remote attacker can execute arbitrary HTML and script code in a user’s browser session.... Read more
Affected Products : d6220_firmware d6220l_firmware d6230_firmware d6230l_firmware imes19-1i_firmware imes19-1s_firmware imes19-1p_firmware ime119-1i_firmware ime119-1s_firmware ime119-1p_firmware +108 more products- EPSS Score: %0.23
- Published: May. 22, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2017-13668
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS).... Read more
Affected Products : open-xchange_appsuite- EPSS Score: %0.34
- Published: May. 23, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2017-11560
An issue was discovered in ZOHO ManageEngine OpManager 12.2. By adding a Google Map to the application, an authenticated user can upload an HTML file. This HTML file is then rendered in various locations of the application. JavaScript inside the uploaded ... Read more
Affected Products : manageengine_opmanager- EPSS Score: %1.78
- Published: May. 23, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2019-10325
A cross-site scripting vulnerability in Jenkins Warnings NG Plugin 5.0.0 and earlier allowed attacker with Job/Configure permission to inject arbitrary JavaScript in build overview pages.... Read more
Affected Products : warnings_next_generation- EPSS Score: %0.07
- Published: May. 31, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2019-11370
Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstrated by the config/pw_snmp.html "System contact" field.... Read more
- EPSS Score: %10.00
- Published: Jun. 03, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2019-11226
CMS Made Simple 2.2.10 has XSS via the m1_name parameter in "Add Article" under Content -> Content Manager -> News.... Read more
Affected Products : cms_made_simple- EPSS Score: %0.29
- Published: Jun. 05, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2019-10335
A stored cross site scripting vulnerability in Jenkins ElectricFlow Plugin 1.1.5 and earlier allowed attackers able to configure jobs in Jenkins or control the output of the ElectricFlow API to inject arbitrary HTML and JavaScript in the plugin-provided o... Read more
Affected Products : electricflow- EPSS Score: %0.07
- Published: Jun. 11, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2019-4403
IBM Connections 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IB... Read more
Affected Products : connections- EPSS Score: %0.16
- Published: Jun. 14, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2018-18880
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, a networkdiags.php reflected Cross-site scripting (XSS) vulnerability allows remote authenticated users to inject arbitrary web script.... Read more
- EPSS Score: %0.12
- Published: Jun. 18, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2018-18875
In firmware version MS_2.6.9900 of Columbia Weather MicroServer, a stored Cross-site scripting (XSS) vulnerability allows remote authenticated users to inject arbitrary web script via changestationname.php.... Read more
- EPSS Score: %0.12
- Published: Jun. 18, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2019-11649
Cross-Site Scripting vulnerability in Micro Focus Fortify Software Security Center Server, versions 17.2, 18.1, 18.2, has been identified in Micro Focus Software Security Center. The vulnerability could be exploited to execute JavaScript code in user’s br... Read more
Affected Products : fortify_software_security_center- EPSS Score: %0.17
- Published: Jun. 19, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2018-16247
YzmCMS 5.1 has XSS via the admin/system_manage/user_config_add.html title parameter.... Read more
Affected Products : yzmcms- EPSS Score: %0.26
- Published: Jun. 20, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2019-9957
Stored XSS within Quadbase EspressReport ES (ERES) v7.0 update 7 allows remote attackers to execute malicious JavaScript and inject arbitrary source code into the target pages. The XSS payload is stored by creating a new user account, and setting the user... Read more
Affected Products : espressreport_es- EPSS Score: %0.16
- Published: Jun. 24, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2018-1758
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cre... Read more
- EPSS Score: %0.21
- Published: Jun. 27, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2018-1760
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cre... Read more
- EPSS Score: %0.21
- Published: Jun. 27, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2018-1828
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cre... Read more
- EPSS Score: %0.21
- Published: Jun. 27, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2018-1893
IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to cre... Read more
- EPSS Score: %0.21
- Published: Jun. 27, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2019-4083
IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functiona... Read more
- EPSS Score: %0.28
- Published: Jun. 27, 2019
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2019-13072
Stored XSS in the Filters page (Name field) in ZoneMinder 1.32.3 allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page.... Read more
Affected Products : zoneminder- EPSS Score: %0.27
- Published: Jun. 30, 2019
- Modified: Nov. 21, 2024