Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE CVE VULNERABILITY TITLE RISK
2018-10-03 CVE-2018-17946 Cross-site Scripting vulnerability in Tribulant Slideshow Gallery
The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPress has XSS via the id, method, Gallerymessage, Galleryerror, or Galleryupdated parameter.
network
low complexity
tribulant CWE-79
6.1
6.1
2018-10-02 CVE-2018-17886 Cross-site Scripting vulnerability in Jeesns 1.3
An issue was discovered in JEESNS 1.3.
network
low complexity
jeesns CWE-79
5.4
5.4
2018-10-02 CVE-2018-17884 Cross-site Scripting vulnerability in Gwolle Guestbook Project Gwolle Guestbook
XSS exists in admin/gb-dashboard-widget.php in the Gwolle Guestbook (gwolle-gb) plugin before 2.5.4 for WordPress via the PATH_INFO to wp-admin/index.php
network
low complexity
gwolle-guestbook-project CWE-79
6.1
6.1
2018-10-02 CVE-2018-17596 Cross-site Scripting vulnerability in Zohocorp Manageengine Assetexplorer 6.2.0
In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was discovered in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter.
network
low complexity
zohocorp CWE-79
6.1
6.1
2018-10-02 CVE-2018-17595 Cross-site Scripting vulnerability in Fork-Cms Fork CMS 5.4.0
In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI.
network
low complexity
fork-cms CWE-79
6.1
6.1
2018-10-02 CVE-2018-17594 Cross-site Scripting vulnerability in Airties AIR 5443V2 Firmware 1.0.0.18
AirTies Air 5443v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
network
low complexity
airties CWE-79
6.1
6.1
2018-10-02 CVE-2018-17593 Cross-site Scripting vulnerability in Airties AIR 5453 Firmware 1.0.0.18
AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
network
low complexity
airties CWE-79
6.1
6.1
2018-10-02 CVE-2018-17591 Cross-site Scripting vulnerability in Airties AIR 5343V2 Firmware 1.0.0.18
AirTies Air 5343v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
network
low complexity
airties CWE-79
6.1
6.1
2018-10-02 CVE-2018-17590 Cross-site Scripting vulnerability in Airties AIR 5442 Firmware 1.0.0.18
AirTies Air 5442 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
network
low complexity
airties CWE-79
6.1
6.1
2018-10-02 CVE-2018-17589 Cross-site Scripting vulnerability in Airties AIR 5650 Firmware 1.0.0.18
AirTies Air 5650 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
network
low complexity
airties CWE-79
6.1
6.1