Total
37660 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-0657 | 2 Ec-cube, Gmo-pg | 3 Ec-cube, Ec-cube Payment Module, Gmo-pg Payment Module | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Cross-site scripting vulnerability in EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service) for EC-CUBE (EC-CUBE Payment Module (2.12) version 3.5.23 and earlier, EC-CUBE Payment Module (2.11) version 2.3.17 and earlier, GMO-PG Payment Module (PG Multi-Payment Service) (2.12) version 3.5.23 and earlier, and GMO-PG Payment Module (PG Multi-Payment Service) (2.11) version 2.3.17 and earlier) allow an attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0655 | 1 Weseek | 1 Growi | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via the app settings section of admin page. | |||||
| CVE-2018-0654 | 1 Weseek | 1 Growi | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the modal for creating Wiki page. | |||||
| CVE-2018-0653 | 1 Weseek | 1 Growi | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via Wiki page view. | |||||
| CVE-2018-0652 | 1 Weseek | 1 Growi | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via the UserGroup Management section of admin page. | |||||
| CVE-2018-0642 | 1 Foliovision | 1 Fv Flowplayer Video Player | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in FV Flowplayer Video Player 6.1.2 to 6.6.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0618 | 2 Debian, Gnu | 2 Debian Linux, Mailman | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0614 | 1 Necplatforms | 16 Calsos Csdj-a, Calsos Csdj-a Firmware, Calsos Csdj-b and 13 more | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0612 | 1 5000 Trillion Yen Converter Project | 1 5000 Trillion Yen Converter | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in 5000 trillion yen converter v1.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0605 | 1 Pixelpost | 1 Pixelpost | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in Pixelpost v1.7.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0603 | 1 Geminilabs | 1 Site Reviews | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in Site Reviews versions prior to 2.15.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0602 | 1 Email Subscribers \& Newsletters Project | 1 Email Subscribers \& Newsletters | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in Email Subscribers & Newsletters versions prior to 3.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0585 | 1 Ultimatemember | 1 Ultimate Member | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0583 | 1 Asus | 2 Rt-ac1200hp, Rt-ac1200hp Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in ASUS RT-AC1200HP Firmware version prior to 3.0.0.4.380.4180 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0582 | 1 Asus | 2 Rt-ac68u, Rt-ac68u Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in ASUS RT-AC68U Firmware version prior to 3.0.0.4.380.1031 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0581 | 1 Asus | 2 Rt-ac87u, Rt-ac87u Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version prior to 3.0.0.4.378.9383 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0579 | 1 Webdados | 1 Open Graph For Facebook\, Google\+ And Twitter Card Tags | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in Open Graph for Facebook, Google+ and Twitter Card Tags plugin prior to version 2.2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0578 | 1 Pixelyoursite | 1 Pixelyoursite | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting vulnerability in PixelYourSite plugin prior to version 5.3.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0577 | 1 Flippercode | 1 Wp Google Map | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting vulnerability in WP Google Map Plugin prior to version 4.0.4 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0576 | 1 Pixelite | 1 Events Manager | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting vulnerability in Events Manager plugin prior to version 5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||