CVE-2018-11628

Data input into EMS Master Calendar before 8.0.0.201805210 via URL parameters is not properly sanitized, allowing malicious attackers to send a crafted URL for XSS.

Publication date: Fri, 01 Jun 2018 20:29:00 +0000

Cyber News related to CVE-2018-11628

CVE-2018-1000672 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16391, CVE-2018-16392, CVE-2018-16393, CVE-2018-16418, CVE-2018-16419, CVE-2018-16420, CVE-2018-16421, CVE-2018-16422, CVE-2018-16423, CVE-2018-16424, CVE-2018-16425, ...
55 years ago Tenable.com

CVE-2019-11628 - An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2; and Qlik Sense Enterprise and Qlik Analytics Platform installations that lack these patch levels: February 2018 ...
4 years ago

CVE-2018-21038 - An issue was discovered on Samsung mobile devices with N(7.x) software. The Secure Folder app's startup logic allows authentication bypass. The Samsung ID is SVE-2018-11628 (December 2018). ...
4 years ago

CVE-2018-11628 - Data input into EMS Master Calendar before 8.0.0.201805210 via URL parameters is not properly sanitized, allowing malicious attackers to send a crafted URL for XSS. ...
6 years ago

CVE-2017-11628 - In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zend_ini_do_op() function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant ...
6 years ago

CVE-2020-11628 - An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. It is intended to support restriction of available remote protocols (CMP, ACME, REST, etc.) through the system configuration. These restrictions can be bypassed by modifying the ...
4 years ago

CVE-2024-11628 - In Progress® Telerik® Kendo UI for Vue versions v2.4.0 through v6.0.1, an attacker can introduce or modify properties within the global prototype chain which can result in denial of service or command injection. ...
1 day ago Tenable.com

CVE-2018-0912 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0923 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0916 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0914 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0921 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0909 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0911 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0947 - Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0917 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
5 years ago

CVE-2018-0910 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0944 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0913 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
5 years ago

CVE-2018-0769 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
4 years ago

CVE-2018-0778 - Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID ...
4 years ago

CVE-2018-0773 - Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID ...
4 years ago

CVE-2018-0772 - Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 ...
4 years ago

CVE-2018-0758 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
4 years ago

CVE-2018-0781 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
4 years ago

Latest Cyber News

Roundtable: Is DOGE Flouting Cybersecurity for US Data? - 30 minutes ago
How Public & Private Sectors Can Better Align Cyber Defense - 56 minutes ago
Chinese APT 'Emperor Dragonfly' Moonlights With Ransomware - 1 hour ago
New Windows UI 0-Day Vulnerability Actively Exploited in the Wild - 2 hours ago
Dutch police say they took down 127 servers used by sanctioned hosting service | The Record from Recorded Future News - 3 hours ago
Burp AI - Burp Suite Now Integrate AI Powered Extension for Web Pentesting - 3 hours ago
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster - 4 hours ago
Threat Actors In Russia, China, and Iran Targeting Local Communities In The U.S - New Report - 4 hours ago
Hacker leaks account data of 12 million Zacks Investment users - 5 hours ago
APT43 Hackers Attacking Academic Institutions With Exposed Credentials - 6 hours ago
An Italian journalist speaks about being targeted with Paragon spyware | The Record from Recorded Future News - 6 hours ago
CVE-2025-25901 - 6 hours ago
CVE-2025-24904 - 6 hours ago
CVE-2025-25355 - 6 hours ago
CVE-2024-12011 - 6 hours ago
ANYRUN Safebrowsing Extension - Analyse Any Malicious URL for Free - 6 hours ago
CVE-2025-0426 - 7 hours ago
Munich Cyber Security and Security Conferences 2025 [Live Updates] | The Record from Recorded Future News - 8 hours ago
Chinese espionage tools deployed in RA World ransomware attack - 8 hours ago
CVE-2025-26580 - 8 hours ago

Cyber Trends (last 7 days)

Okta - 1 year ago
23andMe - 1 year ago
Kimsuky - 1 year ago
LogoFAIL - 1 year ago
Gh0st rat - 1 year ago

Trending Cyber News (last 7 days)

Roundtable: Is DOGE Flouting Cybersecurity for US Data? - 30 minutes ago
Chinese APT 'Emperor Dragonfly' Moonlights With Ransomware - 1 hour ago
New Windows UI 0-Day Vulnerability Actively Exploited in the Wild - 2 hours ago
Dutch police say they took down 127 servers used by sanctioned hosting service | The Record from Recorded Future News - 3 hours ago
Burp AI - Burp Suite Now Integrate AI Powered Extension for Web Pentesting - 3 hours ago
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster - 4 hours ago
Threat Actors In Russia, China, and Iran Targeting Local Communities In The U.S - New Report - 4 hours ago
Hacker leaks account data of 12 million Zacks Investment users - 5 hours ago
CVE-2025-0995 - 1 day ago
CVE-2025-0996 - 1 day ago
CVE-2025-0997 - 1 day ago
CVE-2025-0998 - 1 day ago
CVE-2025-24528 - 1 day ago
CVE-2024-11343 - 1 day ago
CVE-2024-12629 - 1 day ago
CVE-2024-9870 - 1 day ago
CVE-2025-0332 - 1 day ago
CVE-2025-0516 - 1 day ago
CVE-2025-1208 - 1 day ago
CVE-2025-25349 - 1 day ago