Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-22 | CVE-2018-18553 | Cross-site Scripting vulnerability in Leanote 2.6.1 Leanote 2.6.1 has XSS via the Blog Basic Setting title field, which is mishandled during rendering of the "likes" page. | 6.1 |
| 2018-10-21 | CVE-2018-18545 | Cross-site Scripting vulnerability in Fiyo CMS 2.0.7 Fiyo CMS 2.0.7 has XSS via the dapur\apps\app_user\edit_user.php name parameter. | 6.1 |
| 2018-10-20 | CVE-2018-18540 | Cross-site Scripting vulnerability in Teakki 2.7 TeaKKi 2.7 allows XSS via a crafted onerror attribute for a picture's URL. | 6.1 |
| 2018-10-19 | CVE-2018-18419 | Cross-site Scripting vulnerability in Ardawan User Management 1.1 Stored XSS has been discovered in the upload section of ARDAWAN.COM User Management 1.1, as demonstrated by a .jpg filename to the /account URI. | 5.4 |
| 2018-10-19 | CVE-2018-18417 | Cross-site Scripting vulnerability in Creativeitem Ekushey Project Manager 3.1 In the 3.1 version of Ekushey Project Manager CRM, Stored XSS has been discovered in the input and upload sections, as demonstrated by the name parameter to the index.php/admin/client/create URI. | 5.4 |
| 2018-10-19 | CVE-2018-18416 | Cross-site Scripting vulnerability in Pokkho Lango 1.0 LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upload sections, as demonstrated by the site_name parameter to the admin/settings/update URI. | 4.8 |
| 2018-10-19 | CVE-2018-12672 | Cross-site Scripting vulnerability in Sv3C H.264 POE IP Camera Firmware V2.3.4.2103S50Ntdb20170508B The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B) does not perform proper validation on user-supplied input and is vulnerable to cross-site scripting attacks. | 5.4 |
| 2018-10-19 | CVE-2018-15315 | Cross-site Scripting vulnerability in F5 products On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a reflected Cross Site Scripting (XSS) vulnerability in an undisclosed Configuration Utility page. | 6.1 |
| 2018-10-19 | CVE-2018-15314 | Cross-site Scripting vulnerability in F5 Big-Ip Advanced Firewall Manager On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vulnerability in undisclosed TMUI page. | 6.1 |
| 2018-10-19 | CVE-2018-15313 | Cross-site Scripting vulnerability in F5 Big-Ip Advanced Firewall Manager On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vulnerability in undisclosed TMUI page. | 6.1 |