| Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-8729 | 4.3 |
Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin before 2.4.1 for WordPress allow remote attackers to inject arbitrary JavaScript or HTML via a title that is not escaped.
|
26-12-2023 - 19:56 | 15-03-2018 - 17:29 | |
| CVE-2018-9128 | 6.8 |
DVD X Player Standard 5.5.3.9 has a Buffer Overflow via a crafted .plf file, a related issue to CVE-2007-3068.
|
03-04-2019 - 11:41 | 01-04-2018 - 07:29 | |
| CVE-2018-9926 | 6.8 |
An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add an admin account via index.php?m=core&f=power&v=add.
|
27-02-2019 - 19:37 | 10-04-2018 - 06:29 | |
| CVE-2018-9172 | 3.5 |
The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress mishandles shortcode attributes.
|
10-05-2018 - 13:14 | 01-04-2018 - 23:29 | |
| CVE-2018-9237 | 3.5 |
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site Description" field.
|
02-05-2018 - 15:13 | 04-04-2018 - 07:29 | |
| CVE-2018-9236 | 3.5 |
iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site title" field.
|
02-05-2018 - 15:13 | 04-04-2018 - 07:29 | |
| CVE-2018-9235 | 4.3 |
iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php.
|
02-05-2018 - 15:12 | 04-04-2018 - 07:29 | |
| CVE-2007-5061 | 7.5 |
SQL injection vulnerability in mods/banners/navlist.php in Clansphere 2007.4 allows remote attackers to execute arbitrary SQL commands via the cat_id parameter to index.php in a banners action.
|
29-09-2017 - 01:29 | 24-09-2007 - 22:17 |