Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2019-09-14 CVE-2019-16312 Cross-site Scripting vulnerability in S-Cms 3.0
s-cms V3.0 has XSS in index.php?type=text via the S_id parameter.
network
s-cms CWE-79
4.3
4.3
2019-09-14 CVE-2019-16310 Cross-site Scripting vulnerability in Niushop 1.11
NIUSHOP V1.11 has XSS via the index.php?s=/admin URI.
network
niushop CWE-79
3.5
3.5
2019-09-13 CVE-2019-13923 Cross-site Scripting vulnerability in Siemens Ie/Wsn-Pa Link Wirelesshart Gateway Firmware
A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gateway (All versions).
network
siemens CWE-79
4.3
4.3
2019-09-13 CVE-2019-16289 Cross-site Scripting vulnerability in Webcraftic Woody AD Snippets
The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPress allows authenticated XSS via the winp_item parameter.
network
webcraftic CWE-79
3.5
3.5
2019-09-13 CVE-2019-13364 Cross-site Scripting vulnerability in Piwigo 2.9.5
admin.php?page=account_billing in Piwigo 2.9.5 has XSS via the vat_number, billing_name, company, or billing_address parameter.
network
low complexity
piwigo CWE-79
critical
 9.6
9.6
2019-09-13 CVE-2019-13363 Cross-site Scripting vulnerability in Piwigo 2.9.5
admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content, nbm_complementary_mail_content, nbm_send_recent_post_dates, or param_submit parameter.
network
low complexity
piwigo CWE-79
critical
 9.6
9.6
2019-09-13 CVE-2019-12517 Cross-site Scripting vulnerability in Slickquiz Project Slickquiz 1.3.7.1
An XSS issue was discovered in the slickquiz plugin through 1.3.7.1 for WordPress. 		4.3
4.3
2019-09-13 CVE-2016-10953 Cross-site Scripting vulnerability in Headwaythemes Headway
The Headway theme before 3.8.9 for WordPress has XSS via the license key field.
network
low complexity
headwaythemes CWE-79
5.4
5.4
2019-09-13 CVE-2016-10952 Cross-site Scripting vulnerability in Quotes Collection Project Quotes Collection
The quotes-collection plugin before 2.0.6 for WordPress has XSS via the wp-admin/admin.php?page=quotes-collection page parameter. 		4.3
4.3
2019-09-13 CVE-2017-18615 Cross-site Scripting vulnerability in Wp-Kama Kama Click Counter
The kama-clic-counter plugin before 3.5.0 for WordPress has XSS.
network
wp-kama CWE-79
4.3
4.3