20 matches found
CVE-2018-12272
xowl/request.php in Ximdex 4.0 has XSS via the content parameter...
CVE-2018-12273
The /edit URI in the DMS component in Ximdex 4.0 has XSS via the Ciudad or Nombre parameter...
EUVD-2018-4030
Malware in sbrugna...
CVE-2018-11735
index.php?action=createaccount in Ximdex 4.0 has XSS via the sname or fname parameter...
Cross site scripting
The /edit URI in the DMS component in Ximdex 4.0 has XSS via the Ciudad or Nombre parameter...
CVE-2018-12272
xowl/request.php in Ximdex 4.0 has XSS via the content parameter...
CVE-2018-12272
xowl/request.php in Ximdex 4.0 has XSS via the content parameter...
CVE-2018-12273
The /edit URI in the DMS component in Ximdex 4.0 has XSS via the Ciudad or Nombre parameter...
CVE-2018-12273
The /edit URI in the DMS component in Ximdex 4.0 has XSS via the Ciudad or Nombre parameter...
CVE-2018-12272
Ximdex 4.0 is affected by a cross-site scripting (XSS) vulnerability in xowl/request.php via the content parameter. The issue is described consistently across multiple sources as an XSS in Ximdex 4.0, without public details on exploit specifics or patches within the provided documents. No remedia...
CVE-2018-12273
The CVE-2018-12273 entry affects Ximdex 4.0, specifically the DMS component. The vulnerability is in the /edit URI and allows cross-site scripting via the Ciudad or Nombre parameter. The issue is documented across multiple feeds (NVD, CNVD, OSV, Red Hat, etc.). The CVSS data indicate a network-ba...
CVE-2018-12047
xfind/search in Ximdex 4.0 has XSS via the filternvalue parameters for non-negative values of n, as demonstrated by n equal to 0 through 12...
CVE-2018-12047
xfind/search in Ximdex 4.0 has XSS via the filternvalue parameters for non-negative values of n, as demonstrated by n equal to 0 through 12...
Design/Logic Flaw
xfind/search in Ximdex 4.0 has XSS via the filternvalue parameters for non-negative values of n, as demonstrated by n equal to 0 through 12...
CVE-2018-12047
XIMDEX XSS (CVE-2018-12047) affects Ximdex 4.0, specifically the xfind/search functionality. The vulnerability is a cross-site scripting flaw triggered via the filter[n][value] parameters with non-negative n (as demonstrated for n = 0–12), enabling arbitrary script injection on the search page. T...
CVE-2018-12047
xfind/search in Ximdex 4.0 has XSS via the filternvalue parameters for non-negative values of n, as demonstrated by n equal to 0 through 12...
CVE-2018-11735
index.php?action=createaccount in Ximdex 4.0 has XSS via the sname or fname parameter...
CVE-2018-11735
index.php?action=createaccount in Ximdex 4.0 has XSS via the sname or fname parameter...
CVE-2018-11735
index.php?action=createaccount in Ximdex 4.0 has XSS via the sname or fname parameter...
CVE-2018-11735
CVE-2018-11735 affects Ximdex 4.0. The vulnerability is a Cross-Site Scripting (XSS) on the account creation page (index.php?action=createaccount) via the sname or fname parameters. The root cause is an unsanitized/inadequately escaped user input in these fields, enabling arbitrary script injecti...