Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-29 | CVE-2018-18724 | Cross-site Scripting vulnerability in Yunucms 1.1.5 An XSS issue was discovered in index.php/admin/category/editcategory?id=73 in YUNUCMS 1.1.5. | 4.8 |
| 2018-10-29 | CVE-2018-18723 | Cross-site Scripting vulnerability in Yunucms 1.1.5 An XSS issue was discovered in index.php/admin/area/editarea/id/110000 in YUNUCMS 1.1.5. | 4.8 |
| 2018-10-29 | CVE-2018-18722 | Cross-site Scripting vulnerability in Yunucms 1.1.5 An XSS issue was discovered in admin/content/editcontent?id=29&gopage=1 in YUNUCMS 1.1.5. | 4.8 |
| 2018-10-29 | CVE-2018-18721 | Cross-site Scripting vulnerability in Yunucms 1.1.5 An XSS issue was discovered in admin/link/editlink?id=5 in YUNUCMS 1.1.5. | 4.8 |
| 2018-10-29 | CVE-2018-18720 | Cross-site Scripting vulnerability in Yunucms 1.1.5 An XSS issue was discovered in index.php/admin/system/basic in YUNUCMS 1.1.5. | 4.8 |
| 2018-10-29 | CVE-2018-18717 | Cross-site Scripting vulnerability in Eleanor-Cms Eleanor CMS An issue was discovered in Eleanor CMS through 2015-03-19. | 4.8 |
| 2018-10-29 | CVE-2018-18694 | Cross-site Scripting vulnerability in Monstra 3.0.4 admin/index.php?id=filesmanager in Monstra CMS 3.0.4 allows remote authenticated administrators to trigger stored XSS via JavaScript content in a file whose name lacks an extension. | 4.8 |
| 2018-10-26 | CVE-2018-18660 | Cross-site Scripting vulnerability in Arcserve UDP 5.0/6.0/6.5 An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. | 6.1 |
| 2018-10-25 | CVE-2018-17904 | Cross-site Scripting vulnerability in Geovap Reliance 4 Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior. | 6.1 |
| 2018-10-24 | CVE-2018-18621 | Cross-site Scripting vulnerability in Communigate PRO 6.2 CommuniGate Pro 6.2 allows stored XSS via a message body in Pronto! Mail Composer, which is mishandled in /MIME/INBOX-MM-1/ if the raw email link (in .txt format) is modified and then renamed with a .html or .wssp extension. | 6.1 |