Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-02-18 | CVE-2019-8436 | Cross-site Scripting vulnerability in Txjia Imcat 4.5 imcat 4.5 has Stored XSS via the root/run/adm.php fm[instop][note] parameter. | 3.5 |
2019-02-18 | CVE-2019-8435 | Cross-site Scripting vulnerability in PHPmywind 5.5 admin/default.php in PHPMyWind v5.5 has XSS via an HTTP Host header. | 3.5 |
2019-02-18 | CVE-2019-8434 | Cross-site Scripting vulnerability in Cmseasy 7.0 In CmsEasy 7.0, there is XSS via the ckplayer.php autoplay parameter. | 4.3 |
2019-02-18 | CVE-2019-8432 | Cross-site Scripting vulnerability in Cmseasy 7.0 In CmsEasy 7.0, there is XSS via the ckplayer.php url parameter. | 4.3 |
2019-02-18 | CVE-2019-8426 | Cross-site Scripting vulnerability in Zoneminder skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter. | 4.3 |
2019-02-18 | CVE-2019-8425 | Cross-site Scripting vulnerability in Zoneminder includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages. | 4.3 |
2019-02-17 | CVE-2019-8419 | Cross-site Scripting vulnerability in Vnote Project Vnote 2.2 VNote 2.2 has XSS via a new text note. | 4.3 |
2019-02-17 | CVE-2019-8400 | Cross-site Scripting vulnerability in ORY Hydra ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter. | 4.3 |
2019-02-16 | CVE-2019-8363 | Cross-site Scripting vulnerability in Verydows 2.0 Verydows 2.0 has XSS via the index.php?c=main a parameter, as demonstrated by an a=index[XSS] value. | 4.3 |
2019-02-16 | CVE-2019-8361 | Cross-site Scripting vulnerability in Responsive Video News Script Project Responsive Video News Script PHP Scripts Mall Responsive Video News Script has XSS via the Search Bar. | 4.3 |