CVE-2018-5715 CVSS:0.0
phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query string (aka a $key variable). (Last Update:2018-01-16) (Publish Update:2018-01-16)
CVE-2018-5712 CVSS:0.0
An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file. (Last Update:2018-01-16) (Publish Update:2018-01-16)
CVE-2018-5704 CVSS:0.0
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site. (Last Update:2018-01-16) (Publish Update:2018-01-16)
CVE-2018-5692 CVSS:0.0
Piwigo v2.8.2 has XSS via the `tab`, `to`, `section`, `mode`, `installstatus`, and `display` parameters of the `admin.php` file. (Last Update:2018-01-13) (Publish Update:2018-01-13)
CVE-2018-5691 CVSS:0.0
SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module. (Last Update:2018-01-13) (Publish Update:2018-01-13)
CVE-2018-5690 CVSS:0.0
Cross-site scripting (XSS) vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter (aka the page limit number). (Last Update:2018-01-13) (Publish Update:2018-01-13)
CVE-2018-5689 CVSS:0.0
Cross-site scripting (XSS) vulnerability in admin/auth.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the malicious user's email. (Last Update:2018-01-13) (Publish Update:2018-01-13)
CVE-2018-5688 CVSS:0.0
ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component. (Last Update:2018-01-14) (Publish Update:2018-01-14)
CVE-2018-5687 CVSS:0.0
NewsBee allows XSS via the Company Name field in the Settings under admin/admin.php. (Last Update:2018-01-13) (Publish Update:2018-01-13)
CVE-2018-5681 CVSS:0.0
PrestaShop 1.7.2.4 has XSS via source-code editing on the "Pages > Edit page" screen. (Last Update:2018-01-13) (Publish Update:2018-01-13)
Click here for a complete list of security vulnerabilities. This vulnerability list widget is provided by www.cvedetails.com