Vulnerabilities > Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

DATE	CVE	VULNERABILITY TITLE	RISK
2018-09-16	CVE-2018-17082	Cross-site Scripting vulnerability in multiple products The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c. network low complexity php debian netapp CWE-79	6.1
2018-09-16	CVE-2018-17077	Cross-site Scripting vulnerability in Yiqicms Project Yiqicms 20151007/20151014/20161102 An issue was discovered in yiqicms through 2016-11-20. network low complexity yiqicms-project CWE-79	6.1
2018-09-15	CVE-2018-17061	Cross-site Scripting vulnerability in Bullguard Safe Browsing BullGuard Safe Browsing before 18.1.355.9 allows XSS on Google, Bing, and Yahoo! pages via domains indexed in search results. network low complexity bullguard CWE-79	6.1
2018-09-14	CVE-2018-10763	Cross-site Scripting vulnerability in Synametrics Synaman 4.0 Multiple cross-site scripting (XSS) vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the (1) Main heading or (2) Sub heading fields in the Partial Branding configuration page. network low complexity synametrics CWE-79	4.8
2018-09-14	CVE-2018-17051	Cross-site Scripting vulnerability in Knet Cisco Configuration Manager K-Net Cisco Configuration Manager through 2014-11-19 has XSS via devices.php. network low complexity knet CWE-79	6.1
2018-09-14	CVE-2018-17049	Cross-site Scripting vulnerability in CQU Lankers Project CQU Lankers 20171101/20171102 CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback parameter in an uploadpic action. network low complexity cqu-lankers-project CWE-79	6.1
2018-09-14	CVE-2018-17046	Cross-site Scripting vulnerability in Translate MAN Project Translate MAN translate man before 2018-08-21 has XSS via containers/outputBox/outputBox.vue and store/index.js. network low complexity translate-man-project CWE-79	6.1
2018-09-14	CVE-2018-17044	Cross-site Scripting vulnerability in Yzmcms 5.1 In YzmCMS 5.1, stored XSS exists via the admin/system_manage/user_config_add.html title parameter. network low complexity yzmcms CWE-79	4.8
2018-09-14	CVE-2018-17039	Cross-site Scripting vulnerability in 1234N Minicms 1.10 MiniCMS 1.10, when Internet Explorer is used, allows XSS via a crafted URI because $_SERVER['REQUEST_URI'] is mishandled. network low complexity 1234n CWE-79	6.1
2018-09-14	CVE-2018-17034	Cross-site Scripting vulnerability in Ucms Project Ucms 1.4.6 UCMS 1.4.6 has XSS via the install/index.php mysql_dbname parameter. network low complexity ucms-project CWE-79	6.1