Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2018-10-16 CVE-2018-1777 Cross-site Scripting vulnerability in IBM Websphere Application Server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting.
network
low complexity
ibm CWE-79
5.4
5.4
2018-10-16 CVE-2018-18381 Cross-site Scripting vulnerability in Zblogcn Z-Blogphp 1.5.2.1935
Z-BlogPHP 1.5.2.1935 (Zero) has a stored XSS Vulnerability in zb_system/function/c_system_admin.php via the Content-Type header during the uploading of image attachments.
network
low complexity
zblogcn CWE-79
5.4
5.4
2018-10-16 CVE-2018-18374 Cross-site Scripting vulnerability in Metinfo 6.1.2
XSS exists in the MetInfo 6.1.2 admin/index.php page via the anyid parameter.
network
low complexity
metinfo CWE-79
5.4
5.4
2018-10-15 CVE-2018-18260 Cross-site Scripting vulnerability in Tuzitio Camaleon CMS 2.4.0
In the 2.4 version of Camaleon CMS, Stored XSS has been discovered.
network
low complexity
tuzitio CWE-79
6.1
6.1
2018-10-15 CVE-2018-18259 Cross-site Scripting vulnerability in Luya CMS 1.0.12
Stored XSS has been discovered in version 1.0.12 of the LUYA CMS software via /admin/api-cms-nav/create-page.
network
low complexity
luya CWE-79
6.1
6.1
2018-10-15 CVE-2018-17533 Cross-site Scripting vulnerability in Teltonika Rut900 Firmware and Rut950 Firmware
Teltonika RUT9XX routers with firmware before 00.05.01.1 are prone to cross-site scripting vulnerabilities in hotspotlogin.cgi due to insufficient user input sanitization.
network
low complexity
teltonika CWE-79
6.1
6.1
2018-10-15 CVE-2018-15538 Cross-site Scripting vulnerability in Agentejo Cockpit
Agentejo Cockpit has multiple Cross-Site Scripting vulnerabilities.
network
low complexity
agentejo CWE-79
6.1
6.1
2018-10-15 CVE-2017-5934 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the link dialogue in GUI editor in MoinMoin before 1.9.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
network
low complexity
moinmo debian canonical opensuse CWE-79
6.1
6.1
2018-10-15 CVE-2018-18361 Cross-site Scripting vulnerability in Nconsulting Nc-Cms
An issue was discovered in nc-cms through 2017-03-10.
network
low complexity
nconsulting CWE-79
6.1
6.1
2018-10-15 CVE-2018-18324 Cross-site Scripting vulnerability in Control-Webpanel Webpanel 0.9.8.480
CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has XSS via the admin/fileManager2.php fm_current_dir parameter, or the admin/index.php module, service_start, service_fullstatus, service_restart, service_stop, or file (within the file_editor) parameter.
network
low complexity
control-webpanel CWE-79
6.1
6.1