Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-02-19 | CVE-2019-8935 | Cross-site Scripting vulnerability in O-Dyn Collabtive 3.1 Collabtive 3.1 allows XSS via the manageuser.php?action=profile id parameter. | 5.4 |
| 2019-02-18 | CVE-2019-8911 | Cross-site Scripting vulnerability in Wtcms Project Wtcms 1.0 An issue was discovered in WTCMS 1.0. | 6.1 |
| 2019-02-18 | CVE-2019-8436 | Cross-site Scripting vulnerability in Txjia Imcat 4.5 imcat 4.5 has Stored XSS via the root/run/adm.php fm[instop][note] parameter. | 5.4 |
| 2019-02-18 | CVE-2019-8435 | Cross-site Scripting vulnerability in PHPmywind 5.5 admin/default.php in PHPMyWind v5.5 has XSS via an HTTP Host header. | 4.8 |
| 2019-02-18 | CVE-2019-8434 | Cross-site Scripting vulnerability in Cmseasy 7.0 In CmsEasy 7.0, there is XSS via the ckplayer.php autoplay parameter. | 6.1 |
| 2019-02-18 | CVE-2019-8432 | Cross-site Scripting vulnerability in Cmseasy 7.0 In CmsEasy 7.0, there is XSS via the ckplayer.php url parameter. | 6.1 |
| 2019-02-18 | CVE-2019-8426 | Cross-site Scripting vulnerability in Zoneminder skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter. | 6.1 |
| 2019-02-18 | CVE-2019-8425 | Cross-site Scripting vulnerability in Zoneminder includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages. | 6.1 |
| 2019-02-17 | CVE-2019-8419 | Cross-site Scripting vulnerability in Vnote Project Vnote 2.2 VNote 2.2 has XSS via a new text note. | 6.1 |
| 2019-02-17 | CVE-2019-8400 | Cross-site Scripting vulnerability in ORY Hydra ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter. | 6.1 |