Total: 20468 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-13364 | 1 Piwigo | 1 Piwigo | 2020-08-24 | 6.8 MEDIUM | 9.6 CRITICAL |
| admin.php?page=account_billing in Piwigo 2.9.5 has XSS via the vat_number, billing_name, company, or billing_address parameter. This is exploitable via CSRF. | |||||
| CVE-2019-13363 | 1 Piwigo | 1 Piwigo | 2020-08-24 | 6.8 MEDIUM | 9.6 CRITICAL |
| admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content, nbm_complementary_mail_content, nbm_send_recent_post_dates, or param_submit parameter. This is exploitable via CSRF. | |||||
| CVE-2019-13068 | 1 Grafana | 1 Grafana | 2020-08-24 | 4.3 MEDIUM | 5.4 MEDIUM |
| public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5 allows HTML Injection in panel drilldown links (via the Title or url field). | |||||
| CVE-2019-12934 | 1 Wp-code-highlightjs Project | 1 Wp-code-highlightjs | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the wp-code-highlightjs plugin through 0.6.2 for WordPress. wp-admin/options-general.php?page=wp-code-highlight-js allows CSRF, as demonstrated by an XSS payload in the hljs_additional_css parameter. | |||||
| CVE-2019-1266 | 1 Microsoft | 1 Exchange Server | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web App (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. | |||||
| CVE-2019-12361 | 1 Phome | 1 Empirecms | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| EmpireCMS 7.5.0 has XSS via the from parameter to e/member/doaction.php, as demonstrated by a CSRF payload that changes the dynamic page template. The attacker can choose to resend the e/template/member/regsend.php registered activation mail page. | |||||
| CVE-2019-1218 | 1 Microsoft | 1 Outlook | 2020-08-24 | 3.5 LOW | 5.4 MEDIUM |
| A spoofing vulnerability exists in the way Microsoft Outlook iOS software parses specifically crafted email messages, aka 'Outlook iOS Spoofing Vulnerability'. | |||||
| CVE-2019-12095 | 1 Horde | 1 Groupware | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 and other products, allows CSRF, as demonstrated by the treanBookmarkTags parameter to the trean/ URI on a webmail server. NOTE: treanBookmarkTags could, for example, be a stored XSS payload. | |||||
| CVE-2019-11845 | 1 Ricoh | 2 Sp 4510dn, Sp 4510dn Firmware | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| An HTML Injection vulnerability has been discovered on the RICOH SP 4510DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter. | |||||
| CVE-2019-11844 | 1 Ricoh | 2 Sp 4520dn, Sp 4520dn Firmware | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| An HTML Injection vulnerability has been discovered on the RICOH SP 4520DN via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn or entryDisplayNameIn parameter. | |||||
| CVE-2019-11215 | 1 Combodo | 1 Itop | 2020-08-24 | 6.8 MEDIUM | 8.1 HIGH |
| In Combodo iTop 2.2.0 through 2.6.0, if the configuration file is writable, then execution of arbitrary code can be accomplished by calling ajax.dataloader with a maliciously crafted payload. Many conditions can place the configuration file into a writable state: during installation; during upgrade; in certain cases, an error during modification of the file from the web interface leaves the file writable (can be triggered with XSS); a race condition can be triggered by the hub-connector module (community version only from 2.4.1 to 2.6.0); or editing the file in a CLI. | |||||
| CVE-2019-11193 | 1 Infinitumit | 1 Directadmin | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| The FileManager in InfinitumIT DirectAdmin through v1.561 has XSS via CMD_FILE_MANAGER, CMD_SHOW_USER, and CMD_SHOW_RESELLER; an attacker can bypass the CSRF protection with this, and take over the administration panel. | |||||
| CVE-2019-1105 | 1 Microsoft | 1 Outlook | 2020-08-24 | 3.5 LOW | 5.4 MEDIUM |
| A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka 'Outlook for Android Spoofing Vulnerability'. | |||||
| CVE-2019-10913 | 1 Sensiolabs | 1 Symfony | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4.2.x before 4.2.7, HTTP Methods provided as verbs or using the override header may be treated as trusted input, but they are not validated, possibly causing SQL injection or XSS. This is related to symfony/http-foundation. | |||||
| CVE-2019-10905 | 1 Parsedown | 1 Parsedown | 2020-08-24 | 6.8 MEDIUM | 8.1 HIGH |
| Parsedown before 1.7.2, when safe mode is used and HTML markup is disabled, might allow attackers to execute arbitrary JavaScript code if a script (already running on the affected page) executes the contents of any element with a specific class. This occurs because spaces are permitted in code block infostrings, which interferes with the intended behavior of a single class name beginning with the language- substring. | |||||
| CVE-2019-10887 | 1 Salicru | 1 Slc-20-cube3(5) | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| A reflected HTML injection vulnerability on Salicru SLC-20-cube3(5) devices running firmware version cs121-SNMP v4.54.82.130611 allows remote attackers to inject arbitrary HTML elements via a /DataLog.csv?log= or /AlarmLog.csv?log= or /waitlog.cgi?name= or /chart.shtml?data= or /createlog.cgi?name= request. | |||||
| CVE-2019-10226 | 1 Fatfreecrm | 1 Fat Free Crm | 2020-08-24 | 4.3 MEDIUM | 5.4 MEDIUM |
| HTML Injection has been discovered in the v0.19.0 version of the Fat Free CRM product via an authenticated request to the /comments URI. | |||||
| CVE-2018-15608 | 1 Manageengine | 1 Admanager Plus | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the "AD Delegation" "Help Desk Technicians" screen. | |||||
| CVE-2018-15677 | 1 Btiteam | 1 Xbtit | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has stored XSS via the title of a news item. This is also exploitable via CSRF. | |||||
| CVE-2019-10049 | 1 Pydio | 1 Pydio | 2020-08-24 | 4.9 MEDIUM | 7.3 HIGH |
| It is possible for an attacker with regular user access to the web application of Pydio through 8.2.2 to trick an administrator user into opening a link shared through the application, that in turn opens a shared file that contains JavaScript code (that is executed in the context of the victim user to obtain sensitive information such as session identifiers and perform actions on behalf of him/her). | |||||
| CVE-2019-0958 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0957. | |||||
| CVE-2019-0951 | 1 Microsoft | 1 Sharepoint Foundation | 2020-08-24 | 3.5 LOW | 5.4 MEDIUM |
| A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0949, CVE-2019-0950. | |||||
| CVE-2019-0950 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2020-08-24 | 3.5 LOW | 5.7 MEDIUM |
| A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0949, CVE-2019-0951. | |||||
| CVE-2018-15884 | 1 Ricoh | 2 Mp C4504ex, Mp C4504ex Firmware | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter. | |||||
| CVE-2019-0949 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2020-08-24 | 3.5 LOW | 5.7 MEDIUM |
| A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0950, CVE-2019-0951. | |||||
| CVE-2019-0869 | 1 Microsoft | 1 Azure Devops Server | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'. | |||||
| CVE-2019-0858 | 1 Microsoft | 1 Exchange Server | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka 'Microsoft Exchange Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-0817. | |||||
| CVE-2019-0798 | 1 Microsoft | 2 Lync Server, Skype For Business Server | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka 'Skype for Business and Lync Spoofing Vulnerability'. | |||||
| CVE-2019-0668 | 1 Microsoft | 1 Sharepoint Enterprise Server | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-0624 | 1 Microsoft | 1 Skype For Business | 2020-08-24 | 3.5 LOW | 5.4 MEDIUM |
| A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted request, aka "Skype for Business 2015 Spoofing Vulnerability." This affects Skype. | |||||
| CVE-2019-0213 | 1 Apache | 1 Archiva | 2020-08-24 | 5.5 MEDIUM | 6.5 MEDIUM |
| In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. the logo URL. The vulnerability is considered a minor risk, as only users with the admin role can change the configuration, or the communication between the browser and the Archiva server must be compromised. | |||||
| CVE-2019-0319 | 1 Sap | 2 Gateway, Ui5 | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it's not. | |||||
| CVE-2018-9281 | 1 Eaton | 2 9px Ups, 9px Ups Firmware | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered on Eaton UPS 9PX 8000 SP devices. The administration panel is vulnerable to a CSRF attack on the change-password functionality. This vulnerability could be used to force a logged-in administrator to perform a silent password update. The affected forms are also vulnerable to Reflected Cross-Site Scripting vulnerabilities. This flaw could be triggered by driving an administrator logged into the Eaton application to a specially crafted web page. This attack could be done silently. | |||||
| CVE-2018-9079 | 1 Lenovo | 40 Ez Media & Backup Center, Ez Media & Backup Center Firmware, Ix2 and 37 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, adversaries can craft URLs to modify the Document Object Model (DOM) of the page. In addition, adversaries can inject HTML script tags and HTML tags with JavaScript handlers to execute arbitrary JavaScript with the origin of the device. | |||||
| CVE-2018-8979 | 1 Open-audit | 1 Open-audit | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a user account or inserting XSS sequences via the credentials URI. | |||||
| CVE-2018-7831 | 1 Schneider-electric | 8 Modicom Bmxnor0200h, Modicom Bmxnor0200h Firmware, Modicom M340 and 5 more | 2020-08-24 | 4.3 MEDIUM | 8.8 HIGH |
| An Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 allowing an attacker to send a specially crafted URL to a currently authenticated web server user to execute a password change on the web server. | |||||
| CVE-2018-7724 | 1 Piwigo | 1 Piwigo | 2020-08-24 | 3.5 LOW | 5.4 MEDIUM |
| The management panel in Piwigo 2.9.3 has stored XSS via the name parameter in a /admin.php?page=photo-${photo_number} request. CSRF exploitation, related to CVE-2017-10681, may be possible. | |||||
| CVE-2018-6940 | 1 Nat32 | 1 Nat32 | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF. | |||||
| CVE-2018-6603 | 1 Promise | 1 Webpam Proe | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Promise Technology WebPam Pro-E devices allow remote attackers to conduct XSS, HTTP Response Splitting, and CRLF Injection attacks via JavaScript code in a PHPSESSID cookie. | |||||
| CVE-2018-6357 | 1 Acurax | 1 Social Media Widget | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| The acx_asmw_saveorder_callback function in function.php in the acurax-social-media-widget plugin before 3.2.6 for WordPress has CSRF via the recordsArray parameter to wp-admin/admin-ajax.php, with resultant social_widget_icon_array_order XSS. | |||||
| CVE-2018-6010 | 1 Yiiframework | 1 Yiiframework | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In Yii Framework 2.x before 2.0.14, remote attackers could obtain potentially sensitive information from exception messages, or exploit reflected XSS on the error handler page in non-debug mode. Related to base/ErrorHandler.php, log/Dispatcher.php, and views/errorHandler/exception.php. | |||||
| CVE-2018-5172 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2020-08-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| The Live Bookmarks page and the PDF viewer can run injected script content if a user pastes script from the clipboard into them while viewing RSS feeds or PDF files. This could allow a malicious site to socially engineer a user to copy and paste malicious script content that could then run with the context of either page but does not allow for privilege escalation. This vulnerability affects Firefox < 60. | |||||
| CVE-2018-2432 | 1 Sap | 1 Businessobjects Business Intelligence | 2020-08-24 | 4.9 MEDIUM | 5.4 MEDIUM |
| SAP BusinessObjects Business Intelligence (BI Launchpad and Central Management Console) versions 4.10, 4.20 and 4.30 allow an attacker to include invalidated data in the HTTP response header sent to a Web user. Successful exploitation of this vulnerability may lead to advanced attacks, including: cross-site scripting and page hijacking. | |||||
| CVE-2018-20859 | 1 Edx | 1 Edx-platform | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| edx-platform before 2018-07-18 allows XSS via a response to a Chemical Equation advanced problem. | |||||
| CVE-2018-20645 | 1 Basic B2b Script Project | 1 Basic B2b Script | 2020-08-24 | 3.5 LOW | 5.4 MEDIUM |
| PHP Scripts Mall Basic B2B Script 2.0.9 has HTML injection via the First Name or Last Name field. | |||||
| CVE-2018-20636 | 1 Chartered Accountant : Auditor Website Project | 1 Chartered Accountant : Auditor Website | 2020-08-24 | 3.5 LOW | 5.4 MEDIUM |
| PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field. | |||||
| CVE-2018-20627 | 1 Consumer Reviews Script Project | 1 Consumer Reviews Script | 2020-08-24 | 3.5 LOW | 5.4 MEDIUM |
| PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box. | |||||
| CVE-2018-19836 | 1 Metinfo | 1 Metinfo | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Metinfo 6.1.3, include/interface/applogin.php allows setting arbitrary HTTP headers (including the Cookie header), and common.inc.php allows registering variables from the $_COOKIE value. This issue can, for example, be exploited in conjunction with CVE-2018-19835 to bypass many XSS filters such as the Chrome XSS filter. | |||||
| CVE-2018-19546 | 1 Jtbc | 1 Jtbc Php | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| JTBC(PHP) 3.0.1.7 has CSRF via the console/xml/manage.php?type=action&action=edit URI, as demonstrated by an XSS payload in the content parameter. | |||||
| CVE-2018-19525 | 1 Systrome | 6 Cumilon Isg-600c, Cumilon Isg-600c Firmware, Cumilon Isg-600h and 3 more | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered on Systrome ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices. There is CSRF via /ui/?g=obj_keywords_add and /ui/?g=obj_keywords_addsave with resultant XSS because of a lack of csrf token validation. | |||||
