Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-21 | CVE-2015-6462 | Cross-site Scripting vulnerability in Schneider-Electric products Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC client browser. | 5.4 |
| 2019-03-21 | CVE-2019-9094 | Cross-site Scripting vulnerability in Humhub 1.3.10 A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in /s/adada/cfiles/upload in Humhub 1.3.10 Community Edition. | 6.1 |
| 2019-03-21 | CVE-2019-9093 | Cross-site Scripting vulnerability in Humhub 1.3.10 A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in file/file/upload in Humhub 1.3.10 Community Edition. | 6.1 |
| 2019-03-21 | CVE-2019-8938 | Cross-site Scripting vulnerability in Vertrigoserv Project Vertrigoserv 2.17 VertrigoServ 2.17 allows XSS via the /inc/extensions.php ext parameter. | 6.1 |
| 2019-03-21 | CVE-2019-7438 | Cross-site Scripting vulnerability in JIO Jiofi 4G M2S Firmware 1.0.2 cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has XSS and HTML injection via the mask POST parameter. | 6.1 |
| 2019-03-21 | CVE-2019-7437 | Cross-site Scripting vulnerability in Opensource Classified ADS Script Project Opensource Classified ADS Script 3.2.2 PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected Cross-Site Scripting (XSS) via the Search field. | 6.1 |
| 2019-03-21 | CVE-2019-7435 | Cross-site Scripting vulnerability in Opensource Classified ADS Script Project Opensource Classified ADS Script 3.2.2 PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected HTML injection via the Search Form. | 5.3 |
| 2019-03-21 | CVE-2019-7432 | Cross-site Scripting vulnerability in Rental Bike Script Project Rental Bike Script 2.0.3 PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection via the STREET field in the Profile Edit section. | 5.4 |
| 2019-03-21 | CVE-2019-7430 | Cross-site Scripting vulnerability in Image Sharing Script Project Image Sharing Script 1.3.4 PHP Scripts Mall Image Sharing Script 1.3.4 has HTML injection via the Search Bar. | 5.3 |
| 2019-03-21 | CVE-2019-7425 | Cross-site Scripting vulnerability in Zohocorp Manageengine Netflow Analyzer 7.0.0.2 XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter. | 6.1 |