Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-03-21 | CVE-2018-20140 | Cross-site Scripting vulnerability in Zenphoto 1.4.14 Zenphoto 1.4.14 has multiple cross-site scripting (XSS) vulnerabilities via different URL parameters. | 6.1 |
| 2019-03-21 | CVE-2018-20121 | Cross-site Scripting vulnerability in Podcastgenerator Podcast Generator 2.7 Podcast Generator 2.7 has stored cross-site scripting (XSS) via the URL addcategory parameter. | 6.1 |
| 2019-03-21 | CVE-2018-19934 | Cross-site Scripting vulnerability in Solarwinds Serv-U FTP Server 15.1.6.25 SolarWinds Serv-U FTP Server 15.1.6.25 has reflected cross-site scripting (XSS) in the Web management interface via URL path and HTTP POST parameter. | 4.8 |
| 2019-03-21 | CVE-2018-19917 | Cross-site Scripting vulnerability in Microweber 1.0.8 Microweber 1.0.8 has reflected cross-site scripting (XSS) vulnerabilities. | 6.1 |
| 2019-03-21 | CVE-2018-19694 | Cross-site Scripting vulnerability in Hms-Networks products HMS Industrial Networks Netbiter WS100 3.30.5 devices and previous have reflected XSS in the login form. | 6.1 |
| 2019-03-21 | CVE-2018-19525 | Cross-site Scripting vulnerability in Systrome products An issue was discovered on Systrome ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices. | 6.1 |
| 2019-03-21 | CVE-2018-19509 | Cross-site Scripting vulnerability in ENS Webgalamb 7.0 wg7.php in Webgalamb 7.0 makes opportunistic calls to htmlspecialchars() instead of using a templating engine with proper contextual encoding. | 6.1 |
| 2019-03-21 | CVE-2018-19498 | Cross-site Scripting vulnerability in Simplenia Pages The Simplenia Pages plugin 2.6.0 for Atlassian Bitbucket Server has XSS. | 6.1 |
| 2019-03-21 | CVE-2018-19191 | Cross-site Scripting vulnerability in Webmin 1.890 Webmin 1.890 has XSS via /config.cgi?webmin, the /shell/index.cgi history parameter, /shell/index.cgi?stripped=1, or the /webminlog/search.cgi uall or mall parameter. | 5.4 |
| 2019-03-21 | CVE-2018-18882 | Cross-site Scripting vulnerability in Controlbyweb X-320M-I Firmware 1.05 A stored cross-site scripting (XSS) issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05. | 5.4 |